Add RHCOS STIG content and enable for NIST

linux_os/guide/services/mail/package_sendmail_removed/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Uninstall Sendmail Package'
 

linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,rhcos4
 
 title: 'Enable Smartcards in SSSD'
 

linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,rhcos4
 
 title: 'Configure SSSD to Expire Offline Credentials'
 

linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol8,rhel8
+prodtype: fedora,ol8,rhel8,rhcos4
 
 title: 'Support session locking with tmux'
 

linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol8,rhel8
+prodtype: fedora,ol8,rhel8,rhcos4
 
 title: 'Configure tmux to lock session after inactivity'
 

linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol8,rhel8
+prodtype: fedora,ol8,rhel8,rhcos4
 
 title: 'Configure the tmux Lock Command'
 

linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol8,rhel8,rhv4
+prodtype: fedora,ol8,rhel8,rhv4,rhcos4
 
 title: 'Install the tmux Package'
 

linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle15,wrlinux1019
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle15,wrlinux1019,rhcos4
 
 title: 'Set Interactive Session Timeout'
 

linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of unsuccessful file accesses'
 

linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of successful file accesses'
 

linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8,rhcos4
+prodtype: ol8,rhel8,rhcos4,rhcos4
 
 title: 'Configure basic parameters of Audit system'
 

linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of unsuccessful file creations'
 

linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of successful file creations'
 

linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of unsuccessful file deletions'
 

linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of successful file deletions'
 

linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure immutable Audit login UIDs'
 

linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8,rhcos4
+prodtype: ol8,rhel8,rhcos4,rhcos4
 
 title: 'Configure auditing of unsuccessful file modifications'
 

linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of successful file modifications'
 

linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8,rhcos4
+prodtype: ol8,rhel8,rhcos4,rhcos4
 
 title: 'Configure auditing of loading and unloading of kernel modules'
 

linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8,rhcos4
+prodtype: ol8,rhel8,rhcos4,rhcos4
 
 title: 'Perform general configuration of Audit for OSPP'
 

linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of unsuccessful ownership changes'
 

linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of successful ownership changes'
 

linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of unsuccessful permission changes'
 

linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol8,rhel8
+prodtype: ol8,rhel8,rhcos4
 
 title: 'Configure auditing of successful permission changes'
 

linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol7,ol8,rhel7,rhel8
+prodtype: ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Configure audit according to OSPP requirements'
 

linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Enable Auditing to Start Prior to the Audit Daemon in zIPL'
 

linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Extend Audit Backlog Limit for the Audit Daemon in zIPL'
 

linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Ensure all zIPL boot entries are BLS compliant'
 

linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Ensure zIPL bootmap is up to date'
 

linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Ensure SELinux Not Disabled in zIPL'
 

linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Enable page allocator poisoning in zIPL'
 

linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Enable SLUB/SLAB allocator poisoning in zIPL'
 

linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Disable vsyscalls in zIPL'
 

linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add nodev Option to /boot'
 

linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add nosuid Option to /boot'
 

linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019
+prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,rhcos4
 
 title: 'Add nosuid Option to /home'
 

linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add nodev Option to Non-Root Local Partitions'
 

linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8,sle15,ubuntu1804
+prodtype: fedora,ol7,ol8,rhel7,rhel8,sle15,ubuntu1804,rhcos4
 
 title: 'Add nodev Option to /tmp'
 

linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8,sle15
+prodtype: fedora,ol7,ol8,rhel7,rhel8,sle15,rhcos4
 
 title: 'Add noexec Option to /tmp'
 

linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8,sle15,ubuntu1804
+prodtype: fedora,ol7,ol8,rhel7,rhel8,sle15,ubuntu1804,rhcos4
 
 title: 'Add nosuid Option to /tmp'
 

linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add nodev Option to /var/log/audit'
 

linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add noexec Option to /var/log/audit'
 

linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add nosuid Option to /var/log/audit'
 

linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add nodev Option to /var/log'
 

linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add noexec Option to /var/log'
 

linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add nosuid Option to /var/log'
 

linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,ol7,ol8,rhel7,rhel8
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhcos4
 
 title: 'Add nodev Option to /var'
 

linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: fedora,rhel7,rhel8
+prodtype: fedora,rhel7,rhel8,rhcos4
 
 title: 'Add nosuid Option to /var'
 

linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: ol7,ol8,rhel7,rhel8,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhv4,rhcos4
 
 title: 'Encrypt Partitions'
 

linux_os/guide/system/software/integrity/crypto/ssh_client_rekey_limit/rule.yml

@@ -1,6 +1,6 @@
 documentation_complete: true
 
-prodtype: rhel8
+prodtype: rhel8,rhcos4
 
 title: 'Configure session renegotiation for SSH client'