From 5bbd76f92c05684a04db35840655c63e1f8795a6 Mon Sep 17 00:00:00 2001 From: Lance Bragstad Date: Fri, 26 Sep 2025 23:12:05 -0500 Subject: [PATCH 1/2] Update ocp4 assertion files The previous check names relied on an e2e test bundle, resulting in the each check name being prefixed with `e2e`. This prefix needs to change if you're calling the suite with different profile bundles, otherwise the assertions won't match, even though you're using the same profile. This commit updates the assertion files so that we just use the default profile bundle names, and then in the test suite we'll handle the profile bundles so the one under test is always loaded using the default names. This results in less tinkering when your testing locally, versus CI running on PRs, versus periodic CI runs (they all use the same assertion files, with the same check result names). --- tests/assertions/ocp4/ocp4-cis-4.12.yml | 202 +++---- tests/assertions/ocp4/ocp4-cis-4.13.yml | 202 +++---- tests/assertions/ocp4/ocp4-cis-4.14.yml | 202 +++---- tests/assertions/ocp4/ocp4-cis-4.15.yml | 202 +++---- tests/assertions/ocp4/ocp4-cis-4.16.yml | 202 +++---- tests/assertions/ocp4/ocp4-cis-4.17.yml | 202 +++---- tests/assertions/ocp4/ocp4-cis-4.18.yml | 202 +++---- tests/assertions/ocp4/ocp4-cis-node-4.12.yml | 420 +++++++-------- tests/assertions/ocp4/ocp4-cis-node-4.13.yml | 420 +++++++-------- tests/assertions/ocp4/ocp4-cis-node-4.14.yml | 420 +++++++-------- tests/assertions/ocp4/ocp4-cis-node-4.15.yml | 420 +++++++-------- tests/assertions/ocp4/ocp4-cis-node-4.16.yml | 420 +++++++-------- tests/assertions/ocp4/ocp4-cis-node-4.17.yml | 420 +++++++-------- tests/assertions/ocp4/ocp4-cis-node-4.18.yml | 420 +++++++-------- tests/assertions/ocp4/ocp4-e8-4.12.yml | 24 +- tests/assertions/ocp4/ocp4-e8-4.13.yml | 24 +- tests/assertions/ocp4/ocp4-e8-4.14.yml | 24 +- tests/assertions/ocp4/ocp4-e8-4.15.yml | 24 +- tests/assertions/ocp4/ocp4-e8-4.16.yml | 24 +- tests/assertions/ocp4/ocp4-high-4.12.yml | 276 +++++----- tests/assertions/ocp4/ocp4-high-4.13.yml | 276 +++++----- tests/assertions/ocp4/ocp4-high-4.14.yml | 276 +++++----- tests/assertions/ocp4/ocp4-high-4.15.yml | 276 +++++----- tests/assertions/ocp4/ocp4-high-4.16.yml | 276 +++++----- tests/assertions/ocp4/ocp4-high-4.17.yml | 276 +++++----- tests/assertions/ocp4/ocp4-high-4.18.yml | 276 +++++----- tests/assertions/ocp4/ocp4-high-node-4.12.yml | 500 +++++++++--------- tests/assertions/ocp4/ocp4-high-node-4.13.yml | 500 +++++++++--------- tests/assertions/ocp4/ocp4-high-node-4.14.yml | 500 +++++++++--------- tests/assertions/ocp4/ocp4-high-node-4.15.yml | 500 +++++++++--------- tests/assertions/ocp4/ocp4-high-node-4.16.yml | 500 +++++++++--------- tests/assertions/ocp4/ocp4-high-node-4.17.yml | 500 +++++++++--------- tests/assertions/ocp4/ocp4-high-node-4.18.yml | 500 +++++++++--------- tests/assertions/ocp4/ocp4-moderate-4.12.yml | 270 +++++----- tests/assertions/ocp4/ocp4-moderate-4.13.yml | 270 +++++----- tests/assertions/ocp4/ocp4-moderate-4.14.yml | 270 +++++----- tests/assertions/ocp4/ocp4-moderate-4.15.yml | 270 +++++----- tests/assertions/ocp4/ocp4-moderate-4.16.yml | 270 +++++----- tests/assertions/ocp4/ocp4-moderate-4.17.yml | 270 +++++----- tests/assertions/ocp4/ocp4-moderate-4.18.yml | 270 +++++----- .../ocp4/ocp4-moderate-node-4.12.yml | 500 +++++++++--------- .../ocp4/ocp4-moderate-node-4.13.yml | 500 +++++++++--------- .../ocp4/ocp4-moderate-node-4.14.yml | 500 +++++++++--------- .../ocp4/ocp4-moderate-node-4.15.yml | 500 +++++++++--------- .../ocp4/ocp4-moderate-node-4.16.yml | 500 +++++++++--------- .../ocp4/ocp4-moderate-node-4.17.yml | 500 +++++++++--------- .../ocp4/ocp4-moderate-node-4.18.yml | 500 +++++++++--------- .../assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml | 242 ++++----- .../assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml | 242 ++++----- .../assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml | 242 ++++----- .../assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml | 242 ++++----- .../assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml | 242 ++++----- .../assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml | 242 ++++----- .../assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml | 242 ++++----- tests/assertions/ocp4/ocp4-pci-dss-4.12.yml | 252 ++++----- tests/assertions/ocp4/ocp4-pci-dss-4.13.yml | 252 ++++----- tests/assertions/ocp4/ocp4-pci-dss-4.14.yml | 252 ++++----- tests/assertions/ocp4/ocp4-pci-dss-4.15.yml | 252 ++++----- tests/assertions/ocp4/ocp4-pci-dss-4.16.yml | 252 ++++----- tests/assertions/ocp4/ocp4-pci-dss-4.17.yml | 252 ++++----- tests/assertions/ocp4/ocp4-pci-dss-4.18.yml | 252 ++++----- .../ocp4/ocp4-pci-dss-node-4-0-4.12.yml | 476 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4-0-4.13.yml | 476 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4-0-4.14.yml | 476 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4-0-4.15.yml | 476 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4-0-4.16.yml | 476 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4-0-4.17.yml | 476 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4-0-4.18.yml | 476 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4.12.yml | 488 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4.13.yml | 488 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4.14.yml | 488 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4.15.yml | 488 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4.16.yml | 488 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4.17.yml | 488 ++++++++--------- .../ocp4/ocp4-pci-dss-node-4.18.yml | 488 ++++++++--------- tests/assertions/ocp4/ocp4-stig-4.12.yml | 246 ++++----- tests/assertions/ocp4/ocp4-stig-4.13.yml | 246 ++++----- tests/assertions/ocp4/ocp4-stig-4.14.yml | 246 ++++----- tests/assertions/ocp4/ocp4-stig-4.15.yml | 246 ++++----- tests/assertions/ocp4/ocp4-stig-4.16.yml | 246 ++++----- tests/assertions/ocp4/ocp4-stig-4.17.yml | 246 ++++----- tests/assertions/ocp4/ocp4-stig-4.18.yml | 246 ++++----- tests/assertions/ocp4/ocp4-stig-node-4.12.yml | 444 ++++++++-------- tests/assertions/ocp4/ocp4-stig-node-4.13.yml | 444 ++++++++-------- tests/assertions/ocp4/ocp4-stig-node-4.14.yml | 444 ++++++++-------- tests/assertions/ocp4/ocp4-stig-node-4.15.yml | 444 ++++++++-------- tests/assertions/ocp4/ocp4-stig-node-4.16.yml | 444 ++++++++-------- tests/assertions/ocp4/ocp4-stig-node-4.17.yml | 444 ++++++++-------- tests/assertions/ocp4/ocp4-stig-node-4.18.yml | 444 ++++++++-------- 89 files changed, 15166 insertions(+), 15166 deletions(-) diff --git a/tests/assertions/ocp4/ocp4-cis-4.12.yml b/tests/assertions/ocp4/ocp4-cis-4.12.yml index 8352ca2beb2..dee6bce1270 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.12.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.12.yml @@ -1,302 +1,302 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.13.yml b/tests/assertions/ocp4/ocp4-cis-4.13.yml index 3ddb3680482..8ec536a4549 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.13.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.13.yml @@ -1,277 +1,277 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.14.yml b/tests/assertions/ocp4/ocp4-cis-4.14.yml index 3ddb3680482..8ec536a4549 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.14.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.14.yml @@ -1,277 +1,277 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.15.yml b/tests/assertions/ocp4/ocp4-cis-4.15.yml index c66ca3fa878..2846d46e66a 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.15.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.15.yml @@ -1,301 +1,301 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.16.yml b/tests/assertions/ocp4/ocp4-cis-4.16.yml index 27770db764a..e39d1102355 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.16.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.16.yml @@ -1,277 +1,277 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.17.yml b/tests/assertions/ocp4/ocp4-cis-4.17.yml index af3b7e57814..dcec7a24267 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.17.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.17.yml @@ -1,302 +1,302 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.18.yml b/tests/assertions/ocp4/ocp4-cis-4.18.yml index af3b7e57814..dcec7a24267 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.18.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.18.yml @@ -1,302 +1,302 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.12.yml b/tests/assertions/ocp4/ocp4-cis-node-4.12.yml index 98b11ae7283..4f0ca8e2595 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.12.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.13.yml b/tests/assertions/ocp4/ocp4-cis-node-4.13.yml index 98b11ae7283..4f0ca8e2595 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.13.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.14.yml b/tests/assertions/ocp4/ocp4-cis-node-4.14.yml index 8b498653fd5..7a6c5dc4575 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.14.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.15.yml b/tests/assertions/ocp4/ocp4-cis-node-4.15.yml index 8b498653fd5..7a6c5dc4575 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.15.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.16.yml b/tests/assertions/ocp4/ocp4-cis-node-4.16.yml index 8b498653fd5..7a6c5dc4575 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.16.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.17.yml b/tests/assertions/ocp4/ocp4-cis-node-4.17.yml index 8b498653fd5..7a6c5dc4575 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.17.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.18.yml b/tests/assertions/ocp4/ocp4-cis-node-4.18.yml index 8b498653fd5..7a6c5dc4575 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.18.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-e8-4.12.yml b/tests/assertions/ocp4/ocp4-e8-4.12.yml index e82d5122341..22a87816f8a 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.12.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.12.yml @@ -1,37 +1,37 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-e8-4.13.yml b/tests/assertions/ocp4/ocp4-e8-4.13.yml index 3640e37f7ac..502cfbd94f6 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.13.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.13.yml @@ -1,29 +1,29 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL diff --git a/tests/assertions/ocp4/ocp4-e8-4.14.yml b/tests/assertions/ocp4/ocp4-e8-4.14.yml index 3640e37f7ac..502cfbd94f6 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.14.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.14.yml @@ -1,29 +1,29 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL diff --git a/tests/assertions/ocp4/ocp4-e8-4.15.yml b/tests/assertions/ocp4/ocp4-e8-4.15.yml index e82d5122341..22a87816f8a 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.15.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.15.yml @@ -1,37 +1,37 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-e8-4.16.yml b/tests/assertions/ocp4/ocp4-e8-4.16.yml index 3640e37f7ac..502cfbd94f6 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.16.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.16.yml @@ -1,29 +1,29 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL diff --git a/tests/assertions/ocp4/ocp4-high-4.12.yml b/tests/assertions/ocp4/ocp4-high-4.12.yml index 189722cdbb9..3c2afb56537 100644 --- a/tests/assertions/ocp4/ocp4-high-4.12.yml +++ b/tests/assertions/ocp4/ocp4-high-4.12.yml @@ -1,414 +1,414 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.13.yml b/tests/assertions/ocp4/ocp4-high-4.13.yml index 894eba18715..3fc90c0c27c 100644 --- a/tests/assertions/ocp4/ocp4-high-4.13.yml +++ b/tests/assertions/ocp4/ocp4-high-4.13.yml @@ -1,386 +1,386 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.14.yml b/tests/assertions/ocp4/ocp4-high-4.14.yml index 25fa3a11f0a..608960c57a4 100644 --- a/tests/assertions/ocp4/ocp4-high-4.14.yml +++ b/tests/assertions/ocp4/ocp4-high-4.14.yml @@ -1,386 +1,386 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.15.yml b/tests/assertions/ocp4/ocp4-high-4.15.yml index 38061b21aa5..ad653f6bab0 100644 --- a/tests/assertions/ocp4/ocp4-high-4.15.yml +++ b/tests/assertions/ocp4/ocp4-high-4.15.yml @@ -1,413 +1,413 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.16.yml b/tests/assertions/ocp4/ocp4-high-4.16.yml index 38061b21aa5..ad653f6bab0 100644 --- a/tests/assertions/ocp4/ocp4-high-4.16.yml +++ b/tests/assertions/ocp4/ocp4-high-4.16.yml @@ -1,413 +1,413 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.17.yml b/tests/assertions/ocp4/ocp4-high-4.17.yml index c676ecc5a0a..15f2b5488f1 100644 --- a/tests/assertions/ocp4/ocp4-high-4.17.yml +++ b/tests/assertions/ocp4/ocp4-high-4.17.yml @@ -1,415 +1,415 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS result_after_remediation: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.18.yml b/tests/assertions/ocp4/ocp4-high-4.18.yml index c676ecc5a0a..15f2b5488f1 100644 --- a/tests/assertions/ocp4/ocp4-high-4.18.yml +++ b/tests/assertions/ocp4/ocp4-high-4.18.yml @@ -1,415 +1,415 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS result_after_remediation: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-node-4.12.yml b/tests/assertions/ocp4/ocp4-high-node-4.12.yml index c6c810c3df2..c631283d801 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.12.yml @@ -1,739 +1,739 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: default_result: INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.13.yml b/tests/assertions/ocp4/ocp4-high-node-4.13.yml index 438214787f7..48c2f333e35 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.13.yml @@ -1,720 +1,720 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.14.yml b/tests/assertions/ocp4/ocp4-high-node-4.14.yml index a2b347e395b..23bdd002af6 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.14.yml @@ -1,720 +1,720 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.15.yml b/tests/assertions/ocp4/ocp4-high-node-4.15.yml index a2b347e395b..23bdd002af6 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.15.yml @@ -1,720 +1,720 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.16.yml b/tests/assertions/ocp4/ocp4-high-node-4.16.yml index a2b347e395b..23bdd002af6 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.16.yml @@ -1,720 +1,720 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.17.yml b/tests/assertions/ocp4/ocp4-high-node-4.17.yml index 7b7dbcd9d51..f85aafbb393 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.17.yml @@ -1,739 +1,739 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.18.yml b/tests/assertions/ocp4/ocp4-high-node-4.18.yml index 7b7dbcd9d51..f85aafbb393 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.18.yml @@ -1,739 +1,739 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-4.12.yml b/tests/assertions/ocp4/ocp4-moderate-4.12.yml index aa7fd2ad127..74855c7b2c0 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.12.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.12.yml @@ -1,405 +1,405 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.13.yml b/tests/assertions/ocp4/ocp4-moderate-4.13.yml index 8dc1903767d..55e36fc0d77 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.13.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.13.yml @@ -1,404 +1,404 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.14.yml b/tests/assertions/ocp4/ocp4-moderate-4.14.yml index 1b66f3fa03b..310a10e6cc6 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.14.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.14.yml @@ -1,404 +1,404 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.15.yml b/tests/assertions/ocp4/ocp4-moderate-4.15.yml index 8ad9037bc13..f3fe05e5082 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.15.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.15.yml @@ -1,378 +1,378 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.16.yml b/tests/assertions/ocp4/ocp4-moderate-4.16.yml index 1b66f3fa03b..310a10e6cc6 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.16.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.16.yml @@ -1,404 +1,404 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.17.yml b/tests/assertions/ocp4/ocp4-moderate-4.17.yml index 767a9e9a25d..b5cedaef88e 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.17.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.17.yml @@ -1,406 +1,406 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS result_after_remediation: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.18.yml b/tests/assertions/ocp4/ocp4-moderate-4.18.yml index 767a9e9a25d..b5cedaef88e 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.18.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.18.yml @@ -1,406 +1,406 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS result_after_remediation: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.12.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.12.yml index 86c63c709b6..38920bfc61e 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.12.yml @@ -1,739 +1,739 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: default_result: INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.13.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.13.yml index cd0f6e324b7..5d38ba27624 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.13.yml @@ -1,720 +1,720 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.14.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.14.yml index 7b396b434f0..c5ea44e457e 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.14.yml @@ -1,720 +1,720 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.15.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.15.yml index 7b396b434f0..c5ea44e457e 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.15.yml @@ -1,720 +1,720 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.16.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.16.yml index 7b396b434f0..c5ea44e457e 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.16.yml @@ -1,720 +1,720 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.17.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.17.yml index c35877839fb..c63bcaa7bc3 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.17.yml @@ -1,739 +1,739 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.18.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.18.yml index c35877839fb..c63bcaa7bc3 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.18.yml @@ -1,739 +1,739 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml index 80db049b615..7faae2998b0 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml index 80db049b615..7faae2998b0 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml index 80db049b615..7faae2998b0 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml index 80db049b615..7faae2998b0 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml index 80db049b615..7faae2998b0 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml index 80db049b615..7faae2998b0 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml index 80db049b615..7faae2998b0 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.12.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.12.yml index 7f99f889399..9ab26b3e4d3 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.12.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.12.yml @@ -1,379 +1,379 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.13.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.13.yml index 135641108c0..d9cd21bfa07 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.13.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.13.yml @@ -1,378 +1,378 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.14.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.14.yml index 135641108c0..d9cd21bfa07 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.14.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.14.yml @@ -1,378 +1,378 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.15.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.15.yml index 135641108c0..d9cd21bfa07 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.15.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.15.yml @@ -1,378 +1,378 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.16.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.16.yml index 135641108c0..d9cd21bfa07 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.16.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.16.yml @@ -1,378 +1,378 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.17.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.17.yml index 7f99f889399..9ab26b3e4d3 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.17.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.17.yml @@ -1,379 +1,379 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.18.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.18.yml index 7f99f889399..9ab26b3e4d3 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.18.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.18.yml @@ -1,379 +1,379 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.12.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.12.yml index 53a127b2d0d..cdecd71d5d1 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.12.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.12.yml @@ -1,704 +1,704 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.13.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.13.yml index 53a127b2d0d..cdecd71d5d1 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.13.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.13.yml @@ -1,704 +1,704 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.14.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.14.yml index 5a4d2709203..91eab0629b9 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.14.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.14.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.15.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.15.yml index 5a4d2709203..91eab0629b9 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.15.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.15.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.16.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.16.yml index 5a4d2709203..91eab0629b9 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.16.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.16.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.17.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.17.yml index 5a4d2709203..91eab0629b9 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.17.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.17.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.18.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.18.yml index 5a4d2709203..91eab0629b9 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.18.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.18.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.12.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.12.yml index 2b28b76d1be..99b50b83bed 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.12.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.13.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.13.yml index 22cda3563e9..3ab131a0aae 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.13.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.14.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.14.yml index 31460596ff6..4b47133cdd1 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.14.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.15.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.15.yml index 31460596ff6..4b47133cdd1 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.15.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.16.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.16.yml index 31460596ff6..4b47133cdd1 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.16.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.17.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.17.yml index f2fd6457104..8f0d2551872 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.17.yml @@ -1,497 +1,497 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.18.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.18.yml index f2fd6457104..8f0d2551872 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.18.yml @@ -1,497 +1,497 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-4.12.yml b/tests/assertions/ocp4/ocp4-stig-4.12.yml index d6cb9642425..b4b47f4feca 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.12.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.12.yml @@ -1,369 +1,369 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.13.yml b/tests/assertions/ocp4/ocp4-stig-4.13.yml index c9a741c04ab..ccb97b66ed6 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.13.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.13.yml @@ -1,368 +1,368 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.14.yml b/tests/assertions/ocp4/ocp4-stig-4.14.yml index 071323dc774..02965c32ae8 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.14.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.14.yml @@ -1,368 +1,368 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.15.yml b/tests/assertions/ocp4/ocp4-stig-4.15.yml index 071323dc774..02965c32ae8 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.15.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.15.yml @@ -1,368 +1,368 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.16.yml b/tests/assertions/ocp4/ocp4-stig-4.16.yml index 071323dc774..02965c32ae8 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.16.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.16.yml @@ -1,368 +1,368 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.17.yml b/tests/assertions/ocp4/ocp4-stig-4.17.yml index 31297aa26e3..297056a33cd 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.17.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.17.yml @@ -1,369 +1,369 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.18.yml b/tests/assertions/ocp4/ocp4-stig-4.18.yml index 31297aa26e3..297056a33cd 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.18.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.18.yml @@ -1,369 +1,369 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.12.yml b/tests/assertions/ocp4/ocp4-stig-node-4.12.yml index 2e18d4c650a..9ff91624361 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.12.yml @@ -1,655 +1,655 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.13.yml b/tests/assertions/ocp4/ocp4-stig-node-4.13.yml index a0706fae825..2ec0748024a 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.13.yml @@ -1,641 +1,641 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.14.yml b/tests/assertions/ocp4/ocp4-stig-node-4.14.yml index 1772d69360e..21d7e4cd241 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.14.yml @@ -1,641 +1,641 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.15.yml b/tests/assertions/ocp4/ocp4-stig-node-4.15.yml index 1772d69360e..21d7e4cd241 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.15.yml @@ -1,641 +1,641 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.16.yml b/tests/assertions/ocp4/ocp4-stig-node-4.16.yml index 1772d69360e..21d7e4cd241 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.16.yml @@ -1,641 +1,641 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.17.yml b/tests/assertions/ocp4/ocp4-stig-node-4.17.yml index 7fd94e81450..eed9860a986 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.17.yml @@ -1,655 +1,655 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.18.yml b/tests/assertions/ocp4/ocp4-stig-node-4.18.yml index 8d54ac2dcfe..569888ddec5 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.18.yml @@ -1,655 +1,655 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE From c02d5b36ab8c636f9db4b5aa39790dd6f5ae1299 Mon Sep 17 00:00:00 2001 From: Lance Bragstad Date: Fri, 26 Sep 2025 23:34:20 -0500 Subject: [PATCH 2/2] Update rhcos4 assertion files The previous check names relied on an e2e test bundle, resulting in the each check name being prefixed with `e2e`. This prefix needs to change if you're calling the suite with different profile bundles, otherwise the assertions won't match, even though you're using the same profile. This commit updates the assertion files so that we just use the default profile bundle names, and then in the test suite we'll handle the profile bundles so the one under test is always loaded using the default names. This results in less tinkering when your testing locally, versus CI running on PRs, versus periodic CI runs (they all use the same assertion files, with the same check result names). --- tests/assertions/ocp4/rhcos4-e8-4.12.yml | 200 ++-- tests/assertions/ocp4/rhcos4-e8-4.13.yml | 200 ++-- tests/assertions/ocp4/rhcos4-e8-4.14.yml | 200 ++-- tests/assertions/ocp4/rhcos4-e8-4.15.yml | 200 ++-- tests/assertions/ocp4/rhcos4-e8-4.16.yml | 200 ++-- tests/assertions/ocp4/rhcos4-e8-4.17.yml | 200 ++-- tests/assertions/ocp4/rhcos4-e8-4.18.yml | 200 ++-- tests/assertions/ocp4/rhcos4-high-4.12.yml | 968 +++++++++--------- tests/assertions/ocp4/rhcos4-high-4.13.yml | 968 +++++++++--------- tests/assertions/ocp4/rhcos4-high-4.14.yml | 968 +++++++++--------- tests/assertions/ocp4/rhcos4-high-4.15.yml | 968 +++++++++--------- tests/assertions/ocp4/rhcos4-high-4.16.yml | 968 +++++++++--------- tests/assertions/ocp4/rhcos4-high-4.17.yml | 968 +++++++++--------- tests/assertions/ocp4/rhcos4-high-4.18.yml | 968 +++++++++--------- tests/assertions/ocp4/rhcos4-high-4.2.yml | 968 +++++++++--------- .../assertions/ocp4/rhcos4-moderate-4.12.yml | 964 ++++++++--------- .../assertions/ocp4/rhcos4-moderate-4.13.yml | 964 ++++++++--------- .../assertions/ocp4/rhcos4-moderate-4.14.yml | 964 ++++++++--------- .../assertions/ocp4/rhcos4-moderate-4.15.yml | 964 ++++++++--------- .../assertions/ocp4/rhcos4-moderate-4.16.yml | 964 ++++++++--------- .../assertions/ocp4/rhcos4-moderate-4.17.yml | 964 ++++++++--------- .../assertions/ocp4/rhcos4-moderate-4.18.yml | 964 ++++++++--------- tests/assertions/ocp4/rhcos4-stig-4.12.yml | 476 ++++----- tests/assertions/ocp4/rhcos4-stig-4.13.yml | 476 ++++----- tests/assertions/ocp4/rhcos4-stig-4.14.yml | 476 ++++----- tests/assertions/ocp4/rhcos4-stig-4.15.yml | 476 ++++----- tests/assertions/ocp4/rhcos4-stig-4.16.yml | 476 ++++----- tests/assertions/ocp4/rhcos4-stig-4.17.yml | 476 ++++----- tests/assertions/ocp4/rhcos4-stig-4.18.yml | 476 ++++----- 29 files changed, 9612 insertions(+), 9612 deletions(-) diff --git a/tests/assertions/ocp4/rhcos4-e8-4.12.yml b/tests/assertions/ocp4/rhcos4-e8-4.12.yml index 744e425f010..77e54506286 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.12.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.12.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.13.yml b/tests/assertions/ocp4/rhcos4-e8-4.13.yml index 551df8b0137..8132c55fde8 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.13.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.13.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.14.yml b/tests/assertions/ocp4/rhcos4-e8-4.14.yml index 551df8b0137..8132c55fde8 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.14.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.14.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.15.yml b/tests/assertions/ocp4/rhcos4-e8-4.15.yml index 551df8b0137..8132c55fde8 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.15.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.15.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.16.yml b/tests/assertions/ocp4/rhcos4-e8-4.16.yml index 551df8b0137..8132c55fde8 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.16.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.16.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.17.yml b/tests/assertions/ocp4/rhcos4-e8-4.17.yml index 551df8b0137..8132c55fde8 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.17.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.17.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.18.yml b/tests/assertions/ocp4/rhcos4-e8-4.18.yml index 551df8b0137..8132c55fde8 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.18.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.18.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-high-4.12.yml b/tests/assertions/ocp4/rhcos4-high-4.12.yml index ed2c3b9d2ff..174a72dd80a 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.12.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.12.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.13.yml b/tests/assertions/ocp4/rhcos4-high-4.13.yml index 833838d0ef8..9337adb9ce3 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.13.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.13.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.14.yml b/tests/assertions/ocp4/rhcos4-high-4.14.yml index 833838d0ef8..9337adb9ce3 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.14.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.14.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.15.yml b/tests/assertions/ocp4/rhcos4-high-4.15.yml index 0ac8ddb3bcc..ef953f011ec 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.15.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.15.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.16.yml b/tests/assertions/ocp4/rhcos4-high-4.16.yml index 910d90fbed2..7428aea41f1 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.16.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.16.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.17.yml b/tests/assertions/ocp4/rhcos4-high-4.17.yml index 1bc14ec4897..703bee73700 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.17.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.17.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.18.yml b/tests/assertions/ocp4/rhcos4-high-4.18.yml index 1bc14ec4897..703bee73700 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.18.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.18.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.2.yml b/tests/assertions/ocp4/rhcos4-high-4.2.yml index 88c5a7ffec4..835bac7eaf4 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.2.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.2.yml @@ -1,1453 +1,1453 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.12.yml b/tests/assertions/ocp4/rhcos4-moderate-4.12.yml index 5bb8296d48e..c00878a38dc 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.12.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.12.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.13.yml b/tests/assertions/ocp4/rhcos4-moderate-4.13.yml index 4d41f02eba1..76b211a5636 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.13.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.13.yml @@ -1,1437 +1,1437 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.14.yml b/tests/assertions/ocp4/rhcos4-moderate-4.14.yml index 4d41f02eba1..76b211a5636 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.14.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.14.yml @@ -1,1437 +1,1437 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.15.yml b/tests/assertions/ocp4/rhcos4-moderate-4.15.yml index 4d41f02eba1..76b211a5636 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.15.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.15.yml @@ -1,1437 +1,1437 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.16.yml b/tests/assertions/ocp4/rhcos4-moderate-4.16.yml index 3a34936c01f..33298e9e247 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.16.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.16.yml @@ -1,1437 +1,1437 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.17.yml b/tests/assertions/ocp4/rhcos4-moderate-4.17.yml index f41f17239c8..275d4fc9b5d 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.17.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.17.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: PASS result_after_remediation: FAIL - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.18.yml b/tests/assertions/ocp4/rhcos4-moderate-4.18.yml index 6abc1ea9c4b..d7d8d4af425 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.18.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.18.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-stig-4.12.yml b/tests/assertions/ocp4/rhcos4-stig-4.12.yml index 5cddafa620f..dca99a155b9 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.12.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.12.yml @@ -1,715 +1,715 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: PASS result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.13.yml b/tests/assertions/ocp4/rhcos4-stig-4.13.yml index 163672d3104..bb0d854e72e 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.13.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.13.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.14.yml b/tests/assertions/ocp4/rhcos4-stig-4.14.yml index 163672d3104..bb0d854e72e 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.14.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.14.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.15.yml b/tests/assertions/ocp4/rhcos4-stig-4.15.yml index 163672d3104..bb0d854e72e 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.15.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.15.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.16.yml b/tests/assertions/ocp4/rhcos4-stig-4.16.yml index 163672d3104..bb0d854e72e 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.16.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.16.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.17.yml b/tests/assertions/ocp4/rhcos4-stig-4.17.yml index 163672d3104..bb0d854e72e 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.17.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.17.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.18.yml b/tests/assertions/ocp4/rhcos4-stig-4.18.yml index 163672d3104..bb0d854e72e 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.18.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.18.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS