/usr/bin/diffoscope --timeout 7200 --html /srv/reproducible-results/rbuild-debian/r-b-build.dm7BsU4z/scap-security-guide_0.1.65-1.diffoscope.html --text /srv/reproducible-results/rbuild-debian/r-b-build.dm7BsU4z/scap-security-guide_0.1.65-1.diffoscope.txt --json /srv/reproducible-results/rbuild-debian/r-b-build.dm7BsU4z/scap-security-guide_0.1.65-1.diffoscope.json --profile=- /srv/reproducible-results/rbuild-debian/r-b-build.dm7BsU4z/b1/scap-security-guide_0.1.65-1_armhf.changes /srv/reproducible-results/rbuild-debian/r-b-build.dm7BsU4z/b2/scap-security-guide_0.1.65-1

⊟

347 MB

/srv/reproducible-results/rbuild-debian/r-b-build.dm7BsU4z/b1/scap-security-guide_0.1.65-1_armhf.changes vs.

/srv/reproducible-results/rbuild-debian/r-b-build.dm7BsU4z/b2/scap-security-guide_0.1.65-1_armhf.changes ¶

⊟

822 B

Files ¶

⊟

777 KB

ssg-applications_0.1.65-1_all.deb ¶

⊟

452 B

file list ¶

⊟

98.0 B

control.tar.xz ¶

⊟

70.0 B

control.tar ¶

⊟

48.0 B

./md5sums ¶

⊟

30.0 B

./md5sums ¶

Files differ

⊟

776 KB

data.tar.xz ¶

⊟

776 KB

data.tar ¶

⊟

74.2 KB

⊟

74.1 KB

Ordering differences only

⊟

74.2 KB

⊟

74.1 KB

Ordering differences only

⊟

70.2 KB

⊟

70.0 KB

Ordering differences only

⊟

140 KB

⊟

140 KB

Ordering differences only

⊟

140 KB

⊟

140 KB

Ordering differences only

⊟

135 KB

⊟

135 KB

Ordering differences only

⊟

48.4 KB

⊟

48.3 KB

Ordering differences only

⊟

48.4 KB

⊟

48.3 KB

Ordering differences only

⊟

45.6 KB

⊟

45.5 KB

Ordering differences only

⊟

15.3 MB

ssg-debderived_0.1.65-1_all.deb ¶

⊟

367 B

file list ¶

⊟

98.0 B

control.tar.xz ¶

⊟

70.0 B

control.tar ¶

⊟

48.0 B

./md5sums ¶

⊟

30.0 B

./md5sums ¶

Files differ

⊟

15.3 MB

data.tar.xz ¶

⊟

15.3 MB

data.tar ¶

⊟

49.2 KB

⊟

7.71 KB

⊟

33.3 KB

⊟

5.84 KB

⊟

765 KB

⊟

189 KB

⊟

767 KB

⊟

189 KB

⊟

15.9 KB

⊟

1.57 KB

⊟

773 KB

⊟

198 KB

⊟

49.4 KB

⊟

7.71 KB

⊟

33.3 KB

⊟

5.84 KB

⊟

49.3 KB

⊟

7.73 KB

⊟

49.3 KB

⊟

7.73 KB

⊟

15.9 KB

⊟

1.57 KB

⊟

2.71 KB

Ordering differences only

⊟

2.71 KB

Ordering differences only

⊟

136 KB

Ordering differences only

⊟

136 KB

Ordering differences only

⊟

126 KB

Ordering differences only

⊟

2.71 KB

Ordering differences only

⊟

2.71 KB

Ordering differences only

⊟

2.71 KB

Ordering differences only

⊟

2.72 KB

Ordering differences only

⊟

692 KB

⊟

692 KB

Ordering differences only

⊟

692 KB

⊟

692 KB

Ordering differences only

⊟

653 KB

⊟

653 KB

Ordering differences only

⊟

10.2 KB

⊟

10.1 KB

Ordering differences only

⊟

720 KB

⊟

720 KB

Ordering differences only

⊟

720 KB

⊟

720 KB

Ordering differences only

⊟

678 KB

⊟

678 KB

Ordering differences only

⊟

11.1 KB

⊟

11.0 KB

Ordering differences only

⊟

1.55 MB

⊟

1.55 MB

Max HTML report size reached

⊟

1.55 MB

⊟

1.55 MB

Max HTML report size reached

⊟

1.17 MB

⊟

1.17 MB

Max HTML report size reached

⊟

337 KB

⊟

337 KB

⊟

1.24 MB

⊟

1.24 MB

Max HTML report size reached

⊟

1.24 MB

⊟

1.24 MB

Max HTML report size reached

⊟

1.17 MB

⊟

1.17 MB

Max HTML report size reached

⊟

26.9 KB

⊟

26.7 KB

⊟

4.36 MB

ssg-debian_0.1.65-1_all.deb ¶

⊟

367 B

file list ¶

⊟

98.0 B

control.tar.xz ¶

⊟

70.0 B

control.tar ¶

⊟

48.0 B

./md5sums ¶

⊟

30.0 B

./md5sums ¶

Files differ

⊟

4.36 MB

data.tar.xz ¶

⊟

4.36 MB

data.tar ¶

⊟

782 KB

⊟

782 KB

Max HTML report size reached

⊟

782 KB

⊟

782 KB

Max HTML report size reached

⊟

690 KB

⊟

690 KB

Ordering differences only

⊟

61.2 KB

⊟

61.0 KB

⊟

727 KB

⊟

727 KB

Max HTML report size reached

⊟

727 KB

⊟

727 KB

Ordering differences only

⊟

690 KB

⊟

690 KB

Ordering differences only

⊟

5.99 KB

⊟

5.88 KB

Ordering differences only

⊟

326 MB

ssg-nondebian_0.1.65-1_all.deb ¶

⊟

452 B

file list ¶

⊟

98.0 B

control.tar.xz ¶

⊟

70.0 B

control.tar ¶

⊟

48.0 B

./md5sums ¶

⊟

30.0 B

./md5sums ¶

Files differ

⊟

326 MB

data.tar.xz ¶

⊟

326 MB

data.tar ¶

⊟

125 KB

⊟

27.6 KB

⊟

34.8 KB

⊟

6.98 KB

⊟

3.12 KB

⊟

1.09 KB

⊟

142 KB

⊟

30.5 KB

⊟

57.2 KB

⊟

12.3 KB

⊟

2.99 KB

⊟

1.09 KB

⊟

683 KB

⊟

190 KB

⊟

570 KB

⊟

155 KB

⊟

655 KB

⊟

56.7 KB

⊟

712 KB

⊟

60.9 KB

⊟

655 KB

⊟

56.7 KB

⊟

245 KB

⊟

17.4 KB

⊟

1.75 MB

⊟

338 KB

⊟

887 KB

⊟

89.0 KB

⊟

855 KB

⊟

84.7 KB

⊟

1.71 MB

⊟

335 KB

⊟

609 KB

⊟

177 KB

⊟

1.04 MB

⊟

96.1 KB

⊟

707 KB

⊟

140 KB

⊟

1.25 MB

⊟

346 KB

⊟

890 KB

⊟

170 KB

⊟

1.04 MB

⊟

96.1 KB

⊟

978 KB

⊟

273 KB

⊟

113 KB

⊟

20.4 KB

⊟

566 KB

⊟

149 KB

⊟

1.81 MB

⊟

371 KB

⊟

1.78 MB

⊟

368 KB

⊟

655 KB

⊟

56.2 KB

⊟

712 KB

⊟

60.4 KB

⊟

655 KB

⊟

56.2 KB

⊟

245 KB

⊟

17.3 KB

⊟

1.74 MB

⊟

335 KB

⊟

885 KB

⊟

88.1 KB

⊟

854 KB

⊟

83.8 KB

⊟

1.71 MB

⊟

332 KB

⊟

428 KB

⊟

43.0 KB

⊟

691 KB

⊟

138 KB

⊟

1.22 MB

⊟

339 KB

⊟

874 KB

⊟

167 KB

⊟

428 KB

⊟

43.0 KB

⊟

974 KB

⊟

271 KB

⊟

2.1 MB

⊟

439 KB

⊟

2.03 MB

⊟

431 KB

⊟

1.42 MB

⊟

418 KB

⊟

959 KB

⊟

277 KB

⊟

566 KB

⊟

169 KB

⊟

564 KB

⊟

38.0 KB

⊟

620 KB

⊟

41.6 KB

⊟

564 KB

⊟

38.0 KB

⊟

230 KB

⊟

16.4 KB

⊟

609 KB

⊟

190 KB

⊟

284 KB

⊟

30.7 KB

⊟

621 KB

⊟

141 KB

⊟

1.19 MB

⊟

357 KB

⊟

1.54 MB

⊟

407 KB

⊟

284 KB

⊟

30.7 KB

⊟

675 KB

⊟

196 KB

⊟

61.0 KB

⊟

4.81 KB

⊟

587 KB

⊟

191 KB

⊟

1.13 MB

⊟

327 KB

⊟

1.11 MB

⊟

324 KB

⊟

595 KB

⊟

39.8 KB

⊟

650 KB

⊟

43.4 KB

⊟

595 KB

⊟

39.8 KB

⊟

245 KB

⊟

17.4 KB

⊟

604 KB

⊟

183 KB

⊟

981 KB

⊟

86.6 KB

⊟

629 KB

⊟

136 KB

⊟

1.13 MB

⊟

338 KB

⊟

981 KB

⊟

86.6 KB

⊟

975 KB

⊟

284 KB

⊟

579 KB

⊟

184 KB

⊟

1.66 MB

⊟

368 KB

⊟

1.64 MB

⊟

365 KB

⊟

557 KB

⊟

36.1 KB

⊟

613 KB

⊟

39.6 KB

⊟

557 KB

⊟

36.1 KB

⊟

212 KB

⊟

15.0 KB

⊟

828 KB

⊟

68.5 KB

⊟

215 KB

⊟

21.9 KB

⊟

139 KB

⊟

17.0 KB

⊟

828 KB

⊟

68.5 KB

⊟

94.7 KB

⊟

9.81 KB

⊟

16.4 KB

⊟

1.34 KB

⊟

737 KB

⊟

68.5 KB

⊟

725 KB

⊟

66.1 KB

⊟

56.0 KB

⊟

11.0 KB

⊟

46.8 KB

⊟

9.93 KB

⊟

46.9 KB

⊟

9.93 KB

⊟

1.54 MB

⊟

340 KB

⊟

641 KB

⊟

56.1 KB

⊟

698 KB

⊟

60.3 KB

⊟

641 KB

⊟

56.1 KB

⊟

230 KB

⊟

16.4 KB

⊟

1.61 MB

⊟

347 KB

⊟

725 KB

⊟

77.4 KB

⊟

665 KB

⊟

69.4 KB

⊟

1.58 MB

⊟

343 KB

⊟

612 KB

⊟

180 KB

⊟

363 KB

⊟

41.8 KB

⊟

694 KB

⊟

143 KB

⊟

1.34 MB

⊟

366 KB

⊟

1.76 MB

⊟

428 KB

⊟

363 KB

⊟

41.8 KB

⊟

679 KB

⊟

185 KB

⊟

1.69 MB

⊟

433 KB

⊟

884 KB

⊟

271 KB

⊟

113 KB

⊟

20.5 KB

⊟

568 KB

⊟

151 KB

⊟

1.13 MB

⊟

311 KB

⊟

1.12 MB

⊟

309 KB

⊟

656 KB

⊟

57.5 KB

⊟

713 KB

⊟

61.7 KB

⊟

656 KB

⊟

57.5 KB

⊟

245 KB

⊟

17.4 KB

⊟

1.74 MB

⊟

333 KB

⊟

886 KB

⊟

89.2 KB

⊟

855 KB

⊟

84.8 KB

⊟

1.7 MB

⊟

329 KB

⊟

602 KB

⊟

173 KB

⊟

1.04 MB

⊟

96.0 KB

⊟

704 KB

⊟

139 KB

⊟

1.25 MB

⊟

341 KB

⊟

889 KB

⊟

169 KB

⊟

1.04 MB

⊟

96.0 KB

⊟

972 KB

⊟

267 KB

⊟

113 KB

⊟

20.4 KB

⊟

562 KB

⊟

145 KB

⊟

1.81 MB

⊟

367 KB

⊟

1.78 MB

⊟

364 KB

⊟

655 KB

⊟

56.7 KB

⊟

713 KB

⊟

60.8 KB

⊟

656 KB

⊟

56.7 KB

⊟

245 KB

⊟

17.4 KB

⊟

1.74 MB

⊟

330 KB

⊟

885 KB

⊟

88.1 KB

⊟

854 KB

⊟

83.8 KB

⊟

1.7 MB

⊟

326 KB

⊟

427 KB

⊟

42.2 KB

⊟

689 KB

⊟

136 KB

⊟

1.21 MB

⊟

333 KB

⊟

872 KB

⊟

166 KB

⊟

427 KB

⊟

42.2 KB

⊟

968 KB

⊟

265 KB

⊟

2.09 MB

⊟

432 KB

⊟

2.03 MB

⊟

424 KB

⊟

79.8 KB

⊟

8.49 KB

⊟

355 KB

⊟

38.9 KB

⊟

47.4 KB

⊟

5.94 KB

⊟

683 KB

⊟

190 KB

⊟

570 KB

⊟

155 KB

⊟

10.5 KB

⊟

1.46 KB

⊟

10.5 KB

⊟

1.46 KB

⊟

5.7 KB

⊟

1.54 KB

⊟

5.76 KB

⊟

1.54 KB

⊟

5.64 KB

⊟

1.54 KB

⊟

797 KB

⊟

192 KB

⊟

10.5 KB

⊟

1.46 KB

⊟

787 KB

⊟

191 KB

⊟

928 KB

⊟

228 KB

⊟

958 KB

⊟

236 KB

⊟

957 KB

⊟

236 KB

⊟

1.21 MB

⊟

303 KB

⊟

1.21 MB

⊟

303 KB

⊟

448 KB

⊟

110 KB

⊟

942 KB

⊟

245 KB

⊟

1.36 MB

⊟

230 KB

⊟

1.12 MB

Ordering differences only

⊟

725 KB

⊟

6.34 KB

⊟

3.08 KB

⊟

5.65 MB

⊟

1.01 MB

Max HTML report size reached

⊟

817 KB

Ordering differences only

⊟

502 KB

⊟

684 KB

Ordering differences only

⊟

422 KB

⊟

1.43 MB

⊟

238 KB

⊟

1.13 MB

Ordering differences only

⊟

736 KB

Max HTML report size reached

⊟

10.4 KB

⊟

5.91 KB

⊟

6.5 MB

⊟

1.18 MB

Max HTML report size reached

⊟

704 KB

Ordering differences only

⊟

431 KB

⊟

6.01 MB

⊟

1.97 MB

Max HTML report size reached

⊟

1.45 MB

⊟

242 KB

⊟

1.62 MB

⊟

381 KB

⊟

1.04 MB

Ordering differences only

⊟

620 KB

⊟

10.1 KB

⊟

5.37 KB

⊟

6.4 MB

⊟

1.14 MB

Max HTML report size reached

⊟

777 KB

Ordering differences only

⊟

451 KB

⊟

703 KB

Ordering differences only

⊟

435 KB

⊟

1.48 MB

⊟

246 KB

⊟

1.23 MB

⊟

292 KB

⊟

1.2 MB

Ordering differences only

⊟

782 KB

Max HTML report size reached

⊟

3.82 KB

⊟

3.08 KB

⊟

6.72 KB

⊟

3.59 KB

⊟

7.13 MB

⊟

1.3 MB

Max HTML report size reached

⊟

714 KB

Ordering differences only

⊟

438 KB

⊟

24.3 KB

Ordering differences only

⊟

3.91 KB

Ordering differences only

⊟

28.3 KB

Ordering differences only

⊟

7.95 KB

Ordering differences only

⊟

109 KB

Ordering differences only

⊟

85.0 KB

Ordering differences only

⊟

866 B

Ordering differences only

⊟

858 B

Ordering differences only

⊟

874 B

Ordering differences only

⊟

161 KB

Ordering differences only

⊟

7.71 KB

Ordering differences only

⊟

7.72 KB

Ordering differences only

⊟

161 KB

Ordering differences only

⊟

101 KB

Ordering differences only

⊟

3.57 KB

Ordering differences only

⊟

69.7 KB

Ordering differences only

⊟

181 KB

Ordering differences only

⊟

86.8 KB

Ordering differences only

⊟

3.57 KB

Ordering differences only

⊟

160 KB

Ordering differences only

⊟

3.93 KB

Ordering differences only

⊟

78.9 KB

Ordering differences only

⊟

131 KB

Ordering differences only

⊟

131 KB

Ordering differences only

⊟

870 B

Ordering differences only

⊟

862 B

Ordering differences only

⊟

878 B

Ordering differences only

⊟

160 KB

Ordering differences only

⊟

7.71 KB

Ordering differences only

⊟

7.71 KB

Ordering differences only

⊟

160 KB

Ordering differences only

⊟

2.4 KB

Ordering differences only

⊟

69.5 KB

Ordering differences only

⊟

181 KB

Ordering differences only

⊟

86.6 KB

Ordering differences only

⊟

2.4 KB

Ordering differences only

⊟

159 KB

Ordering differences only

⊟

166 KB

Ordering differences only

⊟

166 KB

Ordering differences only

⊟

250 KB

Ordering differences only

⊟

165 KB

Ordering differences only

⊟

106 KB

Ordering differences only

⊟

908 B

Ordering differences only

⊟

900 B

Ordering differences only

⊟

916 B

Ordering differences only

⊟

107 KB

Ordering differences only

⊟

785 B

Ordering differences only

⊟

74.8 KB

Ordering differences only

⊟

192 KB

Ordering differences only

⊟

199 KB

Ordering differences only

⊟

787 B

Ordering differences only

⊟

107 KB

Ordering differences only

⊟

98.7 KB

Ordering differences only

⊟

151 KB

Ordering differences only

⊟

151 KB

Ordering differences only

⊟

858 B

Ordering differences only

⊟

850 B

Ordering differences only

⊟

866 B

Ordering differences only

⊟

99.0 KB

Ordering differences only

⊟

3.56 KB

Ordering differences only

⊟

69.7 KB

Ordering differences only

⊟

179 KB

Ordering differences only

⊟

3.56 KB

Ordering differences only

⊟

157 KB

Ordering differences only

⊟

91.7 KB

Ordering differences only

⊟

136 KB

Ordering differences only

⊟

136 KB

Ordering differences only

⊟

796 B

Ordering differences only

⊟

804 B

Ordering differences only

⊟

165 KB

Ordering differences only

⊟

904 B

Ordering differences only

⊟

896 B

Ordering differences only

⊟

912 B

Ordering differences only

⊟

186 KB

Ordering differences only

⊟

7.91 KB

Ordering differences only

⊟

7.92 KB

Ordering differences only

⊟

186 KB

Ordering differences only

⊟

108 KB

Ordering differences only

⊟

786 B

Ordering differences only

⊟

74.0 KB

Ordering differences only

⊟

192 KB

Ordering differences only

⊟

201 KB

Ordering differences only

⊟

788 B

Ordering differences only

⊟

108 KB

Ordering differences only

⊟

207 KB

Ordering differences only

⊟

138 KB

Ordering differences only

⊟

4.03 KB

Ordering differences only

⊟

84.0 KB

Ordering differences only

⊟

143 KB

Ordering differences only

⊟

143 KB

Ordering differences only

⊟

854 B

Ordering differences only

⊟

846 B

Ordering differences only

⊟

862 B

Ordering differences only

⊟

159 KB

Ordering differences only

⊟

7.62 KB

Ordering differences only

⊟

7.63 KB

Ordering differences only

⊟

159 KB

Ordering differences only

⊟

100 KB

Ordering differences only

⊟

3.54 KB

Ordering differences only

⊟

68.8 KB

Ordering differences only

⊟

179 KB

Ordering differences only

⊟

85.7 KB

Ordering differences only

⊟

3.54 KB

Ordering differences only

⊟

158 KB

Ordering differences only

⊟

3.88 KB

Ordering differences only

⊟

78.0 KB

Ordering differences only

⊟

129 KB

Ordering differences only

⊟

129 KB

Ordering differences only

⊟

849 B

Ordering differences only

⊟

841 B

Ordering differences only

⊟

857 B

Ordering differences only

⊟

158 KB

Ordering differences only

⊟

7.62 KB

Ordering differences only

⊟

7.63 KB

Ordering differences only

⊟

158 KB

Ordering differences only

⊟

2.39 KB

Ordering differences only

⊟

68.7 KB

Ordering differences only

⊟

178 KB

Ordering differences only

⊟

85.6 KB

Ordering differences only

⊟

2.39 KB

Ordering differences only

⊟

157 KB

Ordering differences only

⊟

164 KB

Ordering differences only

⊟

164 KB

Ordering differences only

⊟

109 KB

Ordering differences only

⊟

85.0 KB

Ordering differences only

⊟

854 B

Ordering differences only

⊟

846 B

Ordering differences only

⊟

862 B

Ordering differences only

⊟

157 KB

Ordering differences only

⊟

157 KB

Ordering differences only

⊟

177 KB

Ordering differences only

⊟

184 KB

Ordering differences only

⊟

184 KB

Ordering differences only

⊟

238 KB

Ordering differences only

⊟

238 KB

Ordering differences only

⊟

86.2 KB

Ordering differences only

⊟

173 KB

Ordering differences only

⊟

1.14 KB

⊟

1.0 KB

⊟

1.15 KB

⊟

1.0 KB

⊟

1.17 MB

⊟

1.17 MB

Max HTML report size reached

⊟

1.17 MB

⊟

1.17 MB

Max HTML report size reached

⊟

1.06 MB

⊟

1.06 MB

Max HTML report size reached

⊟

66.2 KB

⊟

66.1 KB

⊟

1.16 MB

⊟

1.16 MB

Max HTML report size reached

⊟

1.16 MB

⊟

1.16 MB

Max HTML report size reached

⊟

1.04 MB

⊟

1.04 MB

Max HTML report size reached

⊟

74.5 KB

⊟

74.4 KB

⊟

1.01 MB

⊟

1.01 MB

Max HTML report size reached

⊟

1.01 MB

⊟

1.01 MB

Max HTML report size reached

⊟

976 KB

⊟

976 KB

Max HTML report size reached

⊟

14.4 KB

⊟

14.3 KB

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

986 KB

⊟

985 KB

Max HTML report size reached

⊟

4.11 MB

⊟

4.11 MB

Max HTML report size reached

⊟

4.11 MB

⊟

4.11 MB

Max HTML report size reached

⊟

950 KB

⊟

949 KB

Max HTML report size reached

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

880 KB

⊟

880 KB

Max HTML report size reached

⊟

2.62 MB

⊟

2.62 MB

Max HTML report size reached

⊟

2.62 MB

⊟

2.62 MB

Max HTML report size reached

⊟

1.79 MB

⊟

1.79 MB

Max HTML report size reached

⊟

768 KB

⊟

768 KB

Max HTML report size reached

⊟

3.21 KB

⊟

3.11 KB

Ordering differences only

⊟

917 KB

⊟

917 KB

Max HTML report size reached

⊟

917 KB

⊟

917 KB

Max HTML report size reached

⊟

871 KB

⊟

871 KB

Max HTML report size reached

⊟

9.48 KB

⊟

9.38 KB

Ordering differences only

⊟

2.82 MB

⊟

2.82 MB

Max HTML report size reached

⊟

2.82 MB

⊟

2.82 MB

Max HTML report size reached

⊟

1.97 MB

⊟

1.97 MB

Max HTML report size reached

⊟

782 KB

⊟

782 KB

Max HTML report size reached

⊟

3.09 MB

⊟

3.09 MB

Max HTML report size reached

⊟

3.09 MB

⊟

3.09 MB

Max HTML report size reached

⊟

2.23 MB

⊟

2.23 MB

Max HTML report size reached

⊟

782 KB

⊟

782 KB

Max HTML report size reached

⊟

1.85 MB

⊟

1.85 MB

Max HTML report size reached

⊟

1.85 MB

⊟

1.85 MB

Max HTML report size reached

⊟

1.61 MB

⊟

1.61 MB

Max HTML report size reached

⊟

171 KB

⊟

171 KB

⊟

723 KB

⊟

723 KB

⊟

723 KB

⊟

723 KB

⊟

641 KB

⊟

640 KB

Ordering differences only

⊟

52.7 KB

⊟

52.6 KB

⊟

1.41 MB

⊟

1.41 MB

Max HTML report size reached

⊟

1.41 MB

⊟

1.41 MB

Max HTML report size reached

⊟

1.34 MB

⊟

1.34 MB

Max HTML report size reached

⊟

20.7 KB

⊟

20.6 KB

Ordering differences only

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

2.76 MB

⊟

2.76 MB

Max HTML report size reached

⊟

985 KB

⊟

985 KB

Max HTML report size reached

⊟

4.11 MB

⊟

4.1 MB

Max HTML report size reached

⊟

4.11 MB

⊟

4.1 MB

Max HTML report size reached

⊟

3.05 MB

⊟

3.05 MB

Max HTML report size reached

⊟

947 KB

⊟

947 KB

Max HTML report size reached

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

2.87 MB

⊟

2.87 MB

Max HTML report size reached

⊟

878 KB

⊟

878 KB

Max HTML report size reached

⊟

1.69 MB

⊟

1.69 MB

Max HTML report size reached

⊟

1.69 MB

⊟

1.69 MB

Max HTML report size reached

⊟

1.49 MB

⊟

1.49 MB

Max HTML report size reached

⊟

133 KB

⊟

133 KB

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

3.85 MB

⊟

3.85 MB

Max HTML report size reached

⊟

986 KB

⊟

985 KB

Max HTML report size reached

⊟

1.53 MB

⊟

1.53 MB

Max HTML report size reached

⊟

1.53 MB

⊟

1.53 MB

Max HTML report size reached

⊟

1.46 MB

⊟

1.46 MB

Max HTML report size reached

⊟

10.4 KB

⊟

10.3 KB

Ordering differences only

⊟

2.1 MB

⊟

2.1 MB

Max HTML report size reached

⊟

2.1 MB

⊟

2.1 MB

Max HTML report size reached

⊟

1.61 MB

⊟

1.61 MB

Max HTML report size reached

⊟

432 KB

⊟

432 KB

⊟

779 KB

⊟

779 KB

Max HTML report size reached

⊟

779 KB

⊟

779 KB

Max HTML report size reached

⊟

694 KB

⊟

694 KB

Ordering differences only

⊟

53.0 KB

⊟

52.9 KB


Offset 1, 6 lines modified		Offset 1, 6 lines modified

1	·72f~~888d9~~5~~7a91ff6d~~f~~881a139d45e87a~~·182268·admin·optional·ssg-applications_0.1.65-1_all.deb	1	·07fad0915505f2198ffac45ec022d1b8·182212·admin·optional·ssg-applications_0.1.65-1_all.deb
2	·f7bae0738ce4e633a16dbb487c1b30d5·27788·admin·optional·ssg-base_0.1.65-1_all.deb	2	·f7bae0738ce4e633a16dbb487c1b30d5·27788·admin·optional·ssg-base_0.1.65-1_all.deb
3	·ddf8951863546098f9f6cba3f0b950f5·3396412·admin·optional·ssg-debderived_0.1.65-1_all.deb
4	·2276f691ac995c3ceaaf3ed7e86fbeaa·831528·admin·optional·ssg-debian_0.1.65-1_all.deb
5	·3~~54018d~~636~~fd4294f5~~8~~2c3~~7~~bb01b8~~442·~~404~~48724·admin·optional·ssg-~~non~~debian_0.1.65-1_all.deb	3	·bff3e66a6157dad72842e7ce24d2409a·3394880·admin·optional·ssg-debderived_0.1.65-1_all.deb
		4	·4f75bdc0d191eaafd1278cb84152a082·831508·admin·optional·ssg-debian_0.1.65-1_all.deb
		5	·f5960421f4f49aaf32852f663941d0af·40446172·admin·optional·ssg-nondebian_0.1.65-1_all.deb


Offset 1, 3 lines modified		Offset 1, 3 lines modified
1	-rw-r--r--···0········0········0········4·2022-12-20·09:54:05.000000·debian-binary	1	-rw-r--r--···0········0········0········4·2022-12-20·09:54:05.000000·debian-binary
2	-rw-r--r--···0········0········0·····1732·2022-12-20·09:54:05.000000·control.tar.xz	2	-rw-r--r--···0········0········0·····1736·2022-12-20·09:54:05.000000·control.tar.xz
3	-rw-r--r--···0········0········0···180344·2022-12-20·09:54:05.000000·data.tar.xz	3	-rw-r--r--···0········0········0···180284·2022-12-20·09:54:05.000000·data.tar.xz


Offset 2477, 247 lines modified		Offset 2477, 247 lines modified
2477	······<ocil:generator>	2477	······<ocil:generator>
2478	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	2478	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
2479	········<ocil:product_version>ssg:·0.1.65</ocil:product_version>	2479	········<ocil:product_version>ssg:·0.1.65</ocil:product_version>
2480	········<ocil:schema_version>2.0</ocil:schema_version>	2480	········<ocil:schema_version>2.0</ocil:schema_version>
2481	········<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>	2481	········<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>
2482	······</ocil:generator>	2482	······</ocil:generator>
2483	······<ocil:questionnaires>	2483	······<ocil:questionnaires>
2484	········<ocil:questionnaire·id="ocil:ssg-chromium_d~~isable~~_fi~~rewal~~l~~_trav~~e~~rsal~~_ocil:questionnaire:1">	2484	········<ocil:questionnaire·id="ocil:ssg-chromium_policy_file_ocil:questionnaire:1">
2485	··········<ocil:title>Dis~~abl~~e·Chromium's·Ability·to·Trav~~erse~~·Fire~~wall~~s</ocil:title>	2485	··········<ocil:title>Ensure·the·Chromium·Policy·Configuration·File·Exists</ocil:title>
2486	··········<ocil:actions>	2486	··········<ocil:actions>
2487	············<ocil:test_action_ref>ocil:ssg-chromium_d~~isable~~_fi~~rewal~~l~~_trav~~e~~rsal~~_action:testaction:1</ocil:test_action_ref>	2487	············<ocil:test_action_ref>ocil:ssg-chromium_policy_file_action:testaction:1</ocil:test_action_ref>
2488	··········</ocil:actions>	2488	··········</ocil:actions>
2489	········</ocil:questionnaire>	2489	········</ocil:questionnaire>
2490	········<ocil:questionnaire·id="ocil:ssg-chromium_~~disable~~_net~~work_pred~~iction_ocil:questionnaire:1">	2490	········<ocil:questionnaire·id="ocil:ssg-chromium_http_authentication_ocil:questionnaire:1">
2491	··········<ocil:title>~~Disable·Network~~·Prediction</ocil:title>	2491	··········<ocil:title>Set·Chromium's·HTTP·Authentication·Scheme</ocil:title>
2492	··········<ocil:actions>	2492	··········<ocil:actions>
2493	············<ocil:test_action_ref>ocil:ssg-chromium_~~disable~~_net~~work_pred~~iction_action:testaction:1</ocil:test_action_ref>	2493	············<ocil:test_action_ref>ocil:ssg-chromium_http_authentication_action:testaction:1</ocil:test_action_ref>
2494	··········</ocil:actions>	2494	··········</ocil:actions>
2495	········</ocil:questionnaire>	2495	········</ocil:questionnaire>
2496	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_session_cookies_ocil:questionnaire:1">	2496	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_session_cookies_ocil:questionnaire:1">
2497	··········<ocil:title>Disable·Session·Cookies</ocil:title>	2497	··········<ocil:title>Disable·Session·Cookies</ocil:title>
2498	··········<ocil:actions>	2498	··········<ocil:actions>
2499	············<ocil:test_action_ref>ocil:ssg-chromium_disable_session_cookies_action:testaction:1</ocil:test_action_ref>	2499	············<ocil:test_action_ref>ocil:ssg-chromium_disable_session_cookies_action:testaction:1</ocil:test_action_ref>
2500	··········</ocil:actions>	2500	··········</ocil:actions>
2501	········</ocil:questionnaire>	2501	········</ocil:questionnaire>
2502	········<ocil:questionnaire·id="ocil:ssg-chromium_de~~fault~~_~~block_plug~~ins_ocil:questionnaire:1">	2502	········<ocil:questionnaire·id="ocil:ssg-chromium_plugins_require_authorization_ocil:questionnaire:1">
2503	··········<ocil:title>~~Block~~·Plugins·by·Default</ocil:title>	2503	··········<ocil:title>Require·Outdated·Plugins·to·be·Authorized</ocil:title>
2504	··········<ocil:actions>	2504	··········<ocil:actions>
2505	············<ocil:test_action_ref>ocil:ssg-chromium_de~~fault~~_~~block_plug~~ins_action:testaction:1</ocil:test_action_ref>	2505	············<ocil:test_action_ref>ocil:ssg-chromium_plugins_require_authorization_action:testaction:1</ocil:test_action_ref>
2506	··········</ocil:actions>	2506	··········</ocil:actions>
2507	········</ocil:questionnaire>	2507	········</ocil:questionnaire>
2508	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_automatic_installation_ocil:questionnaire:1">	2508	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_automatic_installation_ocil:questionnaire:1">
2509	··········<ocil:title>Disable·Automatic·Search·And·Installation·of·Plugins</ocil:title>	2509	··········<ocil:title>Disable·Automatic·Search·And·Installation·of·Plugins</ocil:title>
2510	··········<ocil:actions>	2510	··········<ocil:actions>
2511	············<ocil:test_action_ref>ocil:ssg-chromium_disable_automatic_installation_action:testaction:1</ocil:test_action_ref>	2511	············<ocil:test_action_ref>ocil:ssg-chromium_disable_automatic_installation_action:testaction:1</ocil:test_action_ref>
2512	··········</ocil:actions>	2512	··········</ocil:actions>
2513	········</ocil:questionnaire>	2513	········</ocil:questionnaire>
2514	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_pl~~ugin~~_~~blacklist~~_ocil:questionnaire:1">	2514	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_cleartext_passwords_ocil:questionnaire:1">
		2515	··········<ocil:title>Disable·Use·of·Cleartext·Passwords</ocil:title>
2515	··········<ocil:title>Disable·All·Plugins·by·Default</ocil:title>
2516	··········<ocil:actions>
2517	············<ocil:test_action_ref>ocil:ssg-chromium_disable_plugin_blacklist_action:testaction:1</ocil:test_action_ref>
2518	··········</ocil:actions>
2519	········</ocil:questionnaire>
2520	········<ocil:questionnaire·id="ocil:ssg-chromium_extension_whitelist_ocil:questionnaire:1">
2521	··········<ocil:title>Enable·Only·Approved·Extensions</ocil:title>
2522	··········<ocil:actions>	2516	··········<ocil:actions>
2523	············<ocil:test_action_ref>ocil:ssg-chromium_exte~~nsion~~_~~whitelist~~_action:testaction:1</ocil:test_action_ref>	2517	············<ocil:test_action_ref>ocil:ssg-chromium_disable_cleartext_passwords_action:testaction:1</ocil:test_action_ref>
2524	··········</ocil:actions>	2518	··········</ocil:actions>
2525	········</ocil:questionnaire>	2519	········</ocil:questionnaire>
2526	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_ba~~ckgroun~~d_p~~rocess~~ing_ocil:questionnaire:1">	2520	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_outdated_plugins_ocil:questionnaire:1">
2527	··········<ocil:title>Disable·Ba~~ckgroun~~d·P~~rocess~~ing</ocil:title>	2521	··········<ocil:title>Disable·Outdated·Plugins</ocil:title>
2528	··········<ocil:actions>	2522	··········<ocil:actions>
2529	············<ocil:test_action_ref>ocil:ssg-chromium_disable_ba~~ckgroun~~d_p~~rocess~~ing_action:testaction:1</ocil:test_action_ref>	2523	············<ocil:test_action_ref>ocil:ssg-chromium_disable_outdated_plugins_action:testaction:1</ocil:test_action_ref>
2530	··········</ocil:actions>	2524	··········</ocil:actions>
2531	········</ocil:questionnaire>	2525	········</ocil:questionnaire>
2532	········<ocil:questionnaire·id="ocil:ssg-chromium_~~http~~_aut~~henti~~c~~ation~~_ocil:questionnaire:1">	2526	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_protocol_schemas_ocil:questionnaire:1">
2533	··········<ocil:title>~~Set·Chromium's~~·~~HTTP·Auth~~e~~ntica~~tion·Scheme</ocil:title>	2527	··········<ocil:title>Disable·Insecure·And·Obsolete·Protocol·Schemas</ocil:title>
2534	··········<ocil:actions>	2528	··········<ocil:actions>
2535	············<ocil:test_action_ref>ocil:ssg-chromium_~~http~~_aut~~henti~~c~~ation~~_action:testaction:1</ocil:test_action_ref>	2529	············<ocil:test_action_ref>ocil:ssg-chromium_disable_protocol_schemas_action:testaction:1</ocil:test_action_ref>
2536	··········</ocil:actions>	2530	··········</ocil:actions>
2537	········</ocil:questionnaire>	2531	········</ocil:questionnaire>
2538	········<ocil:questionnaire·id="ocil:ssg-chromium_disal~~low~~_l~~ocat~~ion_tr~~acki~~ng_ocil:questionnaire:1">	2532	········<ocil:questionnaire·id="ocil:ssg-chromium_whitelist_plugin_urls_ocil:questionnaire:1">
2539	··········<ocil:title>Disable·~~Locati~~on·Tr~~acking~~</ocil:title>	2533	··········<ocil:title>Enable·Plugins·for·Only·Approved·URLs</ocil:title>
2540	··········<ocil:actions>	2534	··········<ocil:actions>
2541	············<ocil:test_action_ref>ocil:ssg-chromium_disal~~low~~_l~~ocat~~ion_tr~~acki~~ng_action:testaction:1</ocil:test_action_ref>	2535	············<ocil:test_action_ref>ocil:ssg-chromium_whitelist_plugin_urls_action:testaction:1</ocil:test_action_ref>
2542	··········</ocil:actions>	2536	··········</ocil:actions>
2543	········</ocil:questionnaire>	2537	········</ocil:questionnaire>
2544	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_browser_history_ocil:questionnaire:1">	2538	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_browser_history_ocil:questionnaire:1">
2545	··········<ocil:title>Enable·Saving·the·Browser·History</ocil:title>	2539	··········<ocil:title>Enable·Saving·the·Browser·History</ocil:title>
2546	··········<ocil:actions>	2540	··········<ocil:actions>
2547	············<ocil:test_action_ref>ocil:ssg-chromium_enable_browser_history_action:testaction:1</ocil:test_action_ref>	2541	············<ocil:test_action_ref>ocil:ssg-chromium_enable_browser_history_action:testaction:1</ocil:test_action_ref>
2548	··········</ocil:actions>	2542	··········</ocil:actions>
2549	········</ocil:questionnaire>	2543	········</ocil:questionnaire>
2550	········<ocil:questionnaire·id="ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_ocil:questionnaire:1">	2544	········<ocil:questionnaire·id="ocil:ssg-chromium_trusted_home_page_ocil:questionnaire:1">
2551	··········<ocil:title>~~Disabl~~e·~~Clo~~u~~d·Print~~·Sharing</ocil:title>	2545	··········<ocil:title>Set·the·Default·Home·Page</ocil:title>
2552	··········<ocil:actions>	2546	··········<ocil:actions>
2553	············<ocil:test_action_ref>ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_action:testaction:1</ocil:test_action_ref>	2547	············<ocil:test_action_ref>ocil:ssg-chromium_trusted_home_page_action:testaction:1</ocil:test_action_ref>
2554	··········</ocil:actions>	2548	··········</ocil:actions>
2555	········</ocil:questionnaire>	2549	········</ocil:questionnaire>
2556	········<ocil:questionnaire·id="ocil:ssg-chromium_~~black~~list_e~~xtension_~~in~~stall~~ation_ocil:questionnaire:1">	2550	········<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_name_ocil:questionnaire:1">
2557	··········<ocil:title>~~Disabl~~e·~~All·Ex~~te~~nsions·by·D~~e~~fault~~</ocil:title>	2551	··········<ocil:title>Set·the·Default·Search·Provider's·URL</ocil:title>
2558	··········<ocil:actions>	2552	··········<ocil:actions>
2559	············<ocil:test_action_ref>ocil:ssg-chromium_~~black~~list_e~~xtension_~~in~~stall~~ation_action:testaction:1</ocil:test_action_ref>	2553	············<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_name_action:testaction:1</ocil:test_action_ref>
2560	··········</ocil:actions>	2554	··········</ocil:actions>
2561	········</ocil:questionnaire>	2555	········</ocil:questionnaire>
2562	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~password~~_manager_ocil:questionnaire:1">	2556	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_incognito_mode_ocil:questionnaire:1">
2563	··········<ocil:title>Disable·~~Chr~~o~~mium·Passw~~ord·Manager</ocil:title>	2557	··········<ocil:title>Disable·Incognito·Mode</ocil:title>
2564	··········<ocil:actions>	2558	··········<ocil:actions>
2565	············<ocil:test_action_ref>ocil:ssg-chromium_disable_~~password~~_manager_action:testaction:1</ocil:test_action_ref>	2559	············<ocil:test_action_ref>ocil:ssg-chromium_disable_incognito_mode_action:testaction:1</ocil:test_action_ref>
2566	··········</ocil:actions>	2560	··········</ocil:actions>
2567	········</ocil:questionnaire>	2561	········</ocil:questionnaire>
2568	········<ocil:questionnaire·id="ocil:ssg-chromium_poli~~cy_f~~ile_ocil:questionnaire:1">	2562	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_plugin_blacklist_ocil:questionnaire:1">
2569	··········<ocil:title>Ensure·~~the~~·C~~hrom~~ium·~~Poli~~cy·Conf~~igur~~a~~tion·F~~il~~e·Exis~~ts</ocil:title>	2563	··········<ocil:title>Disable·All·Plugins·by·Default</ocil:title>
2570	··········<ocil:actions>	2564	··········<ocil:actions>
2571	············<ocil:test_action_ref>ocil:ssg-chromium_poli~~cy_f~~ile_action:testaction:1</ocil:test_action_ref>	2565	············<ocil:test_action_ref>ocil:ssg-chromium_disable_plugin_blacklist_action:testaction:1</ocil:test_action_ref>
2572	··········</ocil:actions>	2566	··········</ocil:actions>
2573	········</ocil:questionnaire>	2567	········</ocil:questionnaire>
2574	········<ocil:questionnaire·id="ocil:ssg-chromium_~~check~~_~~cer~~t~~_revoc~~ation_ocil:questionnaire:1">	2568	········<ocil:questionnaire·id="ocil:ssg-chromium_disallow_location_tracking_ocil:questionnaire:1">
2575	··········<ocil:title>Enab~~le·On~~line·~~OCSP/CR~~L·~~Cer~~tificate·~~Che~~cks</ocil:title>	2569	··········<ocil:title>Disable·Location·Tracking</ocil:title>
2576	··········<ocil:actions>	2570	··········<ocil:actions>
2577	············<ocil:test_action_ref>ocil:ssg-chromium_~~check~~_~~cer~~t~~_revoc~~ation_action:testaction:1</ocil:test_action_ref>	2571	············<ocil:test_action_ref>ocil:ssg-chromium_disallow_location_tracking_action:testaction:1</ocil:test_action_ref>
2578	··········</ocil:actions>	2572	··········</ocil:actions>
2579	········</ocil:questionnaire>	2573	········</ocil:questionnaire>
2580	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_metrics_reporting_ocil:questionnaire:1">	2574	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_metrics_reporting_ocil:questionnaire:1">
2581	··········<ocil:title>Disable·Metrics·Reporting</ocil:title>	2575	··········<ocil:title>Disable·Metrics·Reporting</ocil:title>
2582	··········<ocil:actions>	2576	··········<ocil:actions>
2583	············<ocil:test_action_ref>ocil:ssg-chromium_disable_metrics_reporting_action:testaction:1</ocil:test_action_ref>	2577	············<ocil:test_action_ref>ocil:ssg-chromium_disable_metrics_reporting_action:testaction:1</ocil:test_action_ref>
2584	··········</ocil:actions>	2578	··········</ocil:actions>
2585	········</ocil:questionnaire>	2579	········</ocil:questionnaire>
2586	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_~~approv~~e~~d_plug~~ins_ocil:questionnaire:1">	2580	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_safe_browsing_ocil:questionnaire:1">
2587	··········<ocil:title>Enable·~~Only·App~~ro~~ved~~·~~Plugins~~</ocil:title>	2581	··········<ocil:title>Enable·the·Safe·Browsing·Feature</ocil:title>
2588	··········<ocil:actions>	2582	··········<ocil:actions>
2589	············<ocil:test_action_ref>ocil:ssg-chromium_enable_~~approv~~e~~d_plug~~ins_action:testaction:1</ocil:test_action_ref>	2583	············<ocil:test_action_ref>ocil:ssg-chromium_enable_safe_browsing_action:testaction:1</ocil:test_action_ref>
2590	··········</ocil:actions>	2584	··········</ocil:actions>
2591	········</ocil:questionnaire>	2585	········</ocil:questionnaire>
2592	········<ocil:questionnaire·id="ocil:ssg-chromium_~~tru~~sted_ho~~me_p~~age_ocil:questionnaire:1">	2586	········<ocil:questionnaire·id="ocil:ssg-chromium_block_desktop_notifications_ocil:questionnaire:1">
2593	··········<ocil:title>~~Set·the~~·De~~fault~~·Ho~~me·P~~age</ocil:title>	2587	··········<ocil:title>Prevent·Desktop·Notifications</ocil:title>
2594	··········<ocil:actions>	2588	··········<ocil:actions>
2595	············<ocil:test_action_ref>ocil:ssg-chromium_~~tru~~sted_ho~~me_p~~age_action:testaction:1</ocil:test_action_ref>	2589	············<ocil:test_action_ref>ocil:ssg-chromium_block_desktop_notifications_action:testaction:1</ocil:test_action_ref>
2596	··········</ocil:actions>	2590	··········</ocil:actions>
2597	········</ocil:questionnaire>	2591	········</ocil:questionnaire>
2598	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~3d_graphics_api~~_ocil:questionnaire:1">	2592	········<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_ocil:questionnaire:1">
2599	··········<ocil:title>Disable·the·3D·Graph~~ics·APIs~~</ocil:title>	2593	··········<ocil:title>Enable·the·Default·Search·Provider</ocil:title>
2600	··········<ocil:actions>	2594	··········<ocil:actions>
2601	············<ocil:test_action_ref>ocil:ssg-chromium_disable_~~3d_graphics_api~~_action:testaction:1</ocil:test_action_ref>	2595	············<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_action:testaction:1</ocil:test_action_ref>
2602	··········</ocil:actions>	2596	··········</ocil:actions>
Max diff block lines reached; 63544/75702 bytes (83.94%) of diff not shown.


Offset 2477, 247 lines modified		Offset 2477, 247 lines modified
2477	······<ocil:generator>	2477	······<ocil:generator>
2478	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	2478	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
2479	········<ocil:product_version>ssg:·0.1.65</ocil:product_version>	2479	········<ocil:product_version>ssg:·0.1.65</ocil:product_version>
2480	········<ocil:schema_version>2.0</ocil:schema_version>	2480	········<ocil:schema_version>2.0</ocil:schema_version>
2481	········<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>	2481	········<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>
2482	······</ocil:generator>	2482	······</ocil:generator>
2483	······<ocil:questionnaires>	2483	······<ocil:questionnaires>
2484	········<ocil:questionnaire·id="ocil:ssg-chromium_d~~isable~~_fi~~rewal~~l~~_trav~~e~~rsal~~_ocil:questionnaire:1">	2484	········<ocil:questionnaire·id="ocil:ssg-chromium_policy_file_ocil:questionnaire:1">
2485	··········<ocil:title>Dis~~abl~~e·Chromium's·Ability·to·Trav~~erse~~·Fire~~wall~~s</ocil:title>	2485	··········<ocil:title>Ensure·the·Chromium·Policy·Configuration·File·Exists</ocil:title>
2486	··········<ocil:actions>	2486	··········<ocil:actions>
2487	············<ocil:test_action_ref>ocil:ssg-chromium_d~~isable~~_fi~~rewal~~l~~_trav~~e~~rsal~~_action:testaction:1</ocil:test_action_ref>	2487	············<ocil:test_action_ref>ocil:ssg-chromium_policy_file_action:testaction:1</ocil:test_action_ref>
2488	··········</ocil:actions>	2488	··········</ocil:actions>
2489	········</ocil:questionnaire>	2489	········</ocil:questionnaire>
2490	········<ocil:questionnaire·id="ocil:ssg-chromium_~~disable~~_net~~work_pred~~iction_ocil:questionnaire:1">	2490	········<ocil:questionnaire·id="ocil:ssg-chromium_http_authentication_ocil:questionnaire:1">
2491	··········<ocil:title>~~Disable·Network~~·Prediction</ocil:title>	2491	··········<ocil:title>Set·Chromium's·HTTP·Authentication·Scheme</ocil:title>
2492	··········<ocil:actions>	2492	··········<ocil:actions>
2493	············<ocil:test_action_ref>ocil:ssg-chromium_~~disable~~_net~~work_pred~~iction_action:testaction:1</ocil:test_action_ref>	2493	············<ocil:test_action_ref>ocil:ssg-chromium_http_authentication_action:testaction:1</ocil:test_action_ref>
2494	··········</ocil:actions>	2494	··········</ocil:actions>
2495	········</ocil:questionnaire>	2495	········</ocil:questionnaire>
2496	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_session_cookies_ocil:questionnaire:1">	2496	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_session_cookies_ocil:questionnaire:1">
2497	··········<ocil:title>Disable·Session·Cookies</ocil:title>	2497	··········<ocil:title>Disable·Session·Cookies</ocil:title>
2498	··········<ocil:actions>	2498	··········<ocil:actions>
2499	············<ocil:test_action_ref>ocil:ssg-chromium_disable_session_cookies_action:testaction:1</ocil:test_action_ref>	2499	············<ocil:test_action_ref>ocil:ssg-chromium_disable_session_cookies_action:testaction:1</ocil:test_action_ref>
2500	··········</ocil:actions>	2500	··········</ocil:actions>
2501	········</ocil:questionnaire>	2501	········</ocil:questionnaire>
2502	········<ocil:questionnaire·id="ocil:ssg-chromium_de~~fault~~_~~block_plug~~ins_ocil:questionnaire:1">	2502	········<ocil:questionnaire·id="ocil:ssg-chromium_plugins_require_authorization_ocil:questionnaire:1">
2503	··········<ocil:title>~~Block~~·Plugins·by·Default</ocil:title>	2503	··········<ocil:title>Require·Outdated·Plugins·to·be·Authorized</ocil:title>
2504	··········<ocil:actions>	2504	··········<ocil:actions>
2505	············<ocil:test_action_ref>ocil:ssg-chromium_de~~fault~~_~~block_plug~~ins_action:testaction:1</ocil:test_action_ref>	2505	············<ocil:test_action_ref>ocil:ssg-chromium_plugins_require_authorization_action:testaction:1</ocil:test_action_ref>
2506	··········</ocil:actions>	2506	··········</ocil:actions>
2507	········</ocil:questionnaire>	2507	········</ocil:questionnaire>
2508	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_automatic_installation_ocil:questionnaire:1">	2508	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_automatic_installation_ocil:questionnaire:1">
2509	··········<ocil:title>Disable·Automatic·Search·And·Installation·of·Plugins</ocil:title>	2509	··········<ocil:title>Disable·Automatic·Search·And·Installation·of·Plugins</ocil:title>
2510	··········<ocil:actions>	2510	··········<ocil:actions>
2511	············<ocil:test_action_ref>ocil:ssg-chromium_disable_automatic_installation_action:testaction:1</ocil:test_action_ref>	2511	············<ocil:test_action_ref>ocil:ssg-chromium_disable_automatic_installation_action:testaction:1</ocil:test_action_ref>
2512	··········</ocil:actions>	2512	··········</ocil:actions>
2513	········</ocil:questionnaire>	2513	········</ocil:questionnaire>
2514	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_pl~~ugin~~_~~blacklist~~_ocil:questionnaire:1">	2514	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_cleartext_passwords_ocil:questionnaire:1">
		2515	··········<ocil:title>Disable·Use·of·Cleartext·Passwords</ocil:title>
2515	··········<ocil:title>Disable·All·Plugins·by·Default</ocil:title>
2516	··········<ocil:actions>
2517	············<ocil:test_action_ref>ocil:ssg-chromium_disable_plugin_blacklist_action:testaction:1</ocil:test_action_ref>
2518	··········</ocil:actions>
2519	········</ocil:questionnaire>
2520	········<ocil:questionnaire·id="ocil:ssg-chromium_extension_whitelist_ocil:questionnaire:1">
2521	··········<ocil:title>Enable·Only·Approved·Extensions</ocil:title>
2522	··········<ocil:actions>	2516	··········<ocil:actions>
2523	············<ocil:test_action_ref>ocil:ssg-chromium_exte~~nsion~~_~~whitelist~~_action:testaction:1</ocil:test_action_ref>	2517	············<ocil:test_action_ref>ocil:ssg-chromium_disable_cleartext_passwords_action:testaction:1</ocil:test_action_ref>
2524	··········</ocil:actions>	2518	··········</ocil:actions>
2525	········</ocil:questionnaire>	2519	········</ocil:questionnaire>
2526	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_ba~~ckgroun~~d_p~~rocess~~ing_ocil:questionnaire:1">	2520	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_outdated_plugins_ocil:questionnaire:1">
2527	··········<ocil:title>Disable·Ba~~ckgroun~~d·P~~rocess~~ing</ocil:title>	2521	··········<ocil:title>Disable·Outdated·Plugins</ocil:title>
2528	··········<ocil:actions>	2522	··········<ocil:actions>
2529	············<ocil:test_action_ref>ocil:ssg-chromium_disable_ba~~ckgroun~~d_p~~rocess~~ing_action:testaction:1</ocil:test_action_ref>	2523	············<ocil:test_action_ref>ocil:ssg-chromium_disable_outdated_plugins_action:testaction:1</ocil:test_action_ref>
2530	··········</ocil:actions>	2524	··········</ocil:actions>
2531	········</ocil:questionnaire>	2525	········</ocil:questionnaire>
2532	········<ocil:questionnaire·id="ocil:ssg-chromium_~~http~~_aut~~henti~~c~~ation~~_ocil:questionnaire:1">	2526	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_protocol_schemas_ocil:questionnaire:1">
2533	··········<ocil:title>~~Set·Chromium's~~·~~HTTP·Auth~~e~~ntica~~tion·Scheme</ocil:title>	2527	··········<ocil:title>Disable·Insecure·And·Obsolete·Protocol·Schemas</ocil:title>
2534	··········<ocil:actions>	2528	··········<ocil:actions>
2535	············<ocil:test_action_ref>ocil:ssg-chromium_~~http~~_aut~~henti~~c~~ation~~_action:testaction:1</ocil:test_action_ref>	2529	············<ocil:test_action_ref>ocil:ssg-chromium_disable_protocol_schemas_action:testaction:1</ocil:test_action_ref>
2536	··········</ocil:actions>	2530	··········</ocil:actions>
2537	········</ocil:questionnaire>	2531	········</ocil:questionnaire>
2538	········<ocil:questionnaire·id="ocil:ssg-chromium_disal~~low~~_l~~ocat~~ion_tr~~acki~~ng_ocil:questionnaire:1">	2532	········<ocil:questionnaire·id="ocil:ssg-chromium_whitelist_plugin_urls_ocil:questionnaire:1">
2539	··········<ocil:title>Disable·~~Locati~~on·Tr~~acking~~</ocil:title>	2533	··········<ocil:title>Enable·Plugins·for·Only·Approved·URLs</ocil:title>
2540	··········<ocil:actions>	2534	··········<ocil:actions>
2541	············<ocil:test_action_ref>ocil:ssg-chromium_disal~~low~~_l~~ocat~~ion_tr~~acki~~ng_action:testaction:1</ocil:test_action_ref>	2535	············<ocil:test_action_ref>ocil:ssg-chromium_whitelist_plugin_urls_action:testaction:1</ocil:test_action_ref>
2542	··········</ocil:actions>	2536	··········</ocil:actions>
2543	········</ocil:questionnaire>	2537	········</ocil:questionnaire>
2544	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_browser_history_ocil:questionnaire:1">	2538	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_browser_history_ocil:questionnaire:1">
2545	··········<ocil:title>Enable·Saving·the·Browser·History</ocil:title>	2539	··········<ocil:title>Enable·Saving·the·Browser·History</ocil:title>
2546	··········<ocil:actions>	2540	··········<ocil:actions>
2547	············<ocil:test_action_ref>ocil:ssg-chromium_enable_browser_history_action:testaction:1</ocil:test_action_ref>	2541	············<ocil:test_action_ref>ocil:ssg-chromium_enable_browser_history_action:testaction:1</ocil:test_action_ref>
2548	··········</ocil:actions>	2542	··········</ocil:actions>
2549	········</ocil:questionnaire>	2543	········</ocil:questionnaire>
2550	········<ocil:questionnaire·id="ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_ocil:questionnaire:1">	2544	········<ocil:questionnaire·id="ocil:ssg-chromium_trusted_home_page_ocil:questionnaire:1">
2551	··········<ocil:title>~~Disabl~~e·~~Clo~~u~~d·Print~~·Sharing</ocil:title>	2545	··········<ocil:title>Set·the·Default·Home·Page</ocil:title>
2552	··········<ocil:actions>	2546	··········<ocil:actions>
2553	············<ocil:test_action_ref>ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_action:testaction:1</ocil:test_action_ref>	2547	············<ocil:test_action_ref>ocil:ssg-chromium_trusted_home_page_action:testaction:1</ocil:test_action_ref>
2554	··········</ocil:actions>	2548	··········</ocil:actions>
2555	········</ocil:questionnaire>	2549	········</ocil:questionnaire>
2556	········<ocil:questionnaire·id="ocil:ssg-chromium_~~black~~list_e~~xtension_~~in~~stall~~ation_ocil:questionnaire:1">	2550	········<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_name_ocil:questionnaire:1">
2557	··········<ocil:title>~~Disabl~~e·~~All·Ex~~te~~nsions·by·D~~e~~fault~~</ocil:title>	2551	··········<ocil:title>Set·the·Default·Search·Provider's·URL</ocil:title>
2558	··········<ocil:actions>	2552	··········<ocil:actions>
2559	············<ocil:test_action_ref>ocil:ssg-chromium_~~black~~list_e~~xtension_~~in~~stall~~ation_action:testaction:1</ocil:test_action_ref>	2553	············<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_name_action:testaction:1</ocil:test_action_ref>
2560	··········</ocil:actions>	2554	··········</ocil:actions>
2561	········</ocil:questionnaire>	2555	········</ocil:questionnaire>
2562	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~password~~_manager_ocil:questionnaire:1">	2556	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_incognito_mode_ocil:questionnaire:1">
2563	··········<ocil:title>Disable·~~Chr~~o~~mium·Passw~~ord·Manager</ocil:title>	2557	··········<ocil:title>Disable·Incognito·Mode</ocil:title>
2564	··········<ocil:actions>	2558	··········<ocil:actions>
2565	············<ocil:test_action_ref>ocil:ssg-chromium_disable_~~password~~_manager_action:testaction:1</ocil:test_action_ref>	2559	············<ocil:test_action_ref>ocil:ssg-chromium_disable_incognito_mode_action:testaction:1</ocil:test_action_ref>
2566	··········</ocil:actions>	2560	··········</ocil:actions>
2567	········</ocil:questionnaire>	2561	········</ocil:questionnaire>
2568	········<ocil:questionnaire·id="ocil:ssg-chromium_poli~~cy_f~~ile_ocil:questionnaire:1">	2562	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_plugin_blacklist_ocil:questionnaire:1">
2569	··········<ocil:title>Ensure·~~the~~·C~~hrom~~ium·~~Poli~~cy·Conf~~igur~~a~~tion·F~~il~~e·Exis~~ts</ocil:title>	2563	··········<ocil:title>Disable·All·Plugins·by·Default</ocil:title>
2570	··········<ocil:actions>	2564	··········<ocil:actions>
2571	············<ocil:test_action_ref>ocil:ssg-chromium_poli~~cy_f~~ile_action:testaction:1</ocil:test_action_ref>	2565	············<ocil:test_action_ref>ocil:ssg-chromium_disable_plugin_blacklist_action:testaction:1</ocil:test_action_ref>
2572	··········</ocil:actions>	2566	··········</ocil:actions>
2573	········</ocil:questionnaire>	2567	········</ocil:questionnaire>
2574	········<ocil:questionnaire·id="ocil:ssg-chromium_~~check~~_~~cer~~t~~_revoc~~ation_ocil:questionnaire:1">	2568	········<ocil:questionnaire·id="ocil:ssg-chromium_disallow_location_tracking_ocil:questionnaire:1">
2575	··········<ocil:title>Enab~~le·On~~line·~~OCSP/CR~~L·~~Cer~~tificate·~~Che~~cks</ocil:title>	2569	··········<ocil:title>Disable·Location·Tracking</ocil:title>
2576	··········<ocil:actions>	2570	··········<ocil:actions>
2577	············<ocil:test_action_ref>ocil:ssg-chromium_~~check~~_~~cer~~t~~_revoc~~ation_action:testaction:1</ocil:test_action_ref>	2571	············<ocil:test_action_ref>ocil:ssg-chromium_disallow_location_tracking_action:testaction:1</ocil:test_action_ref>
2578	··········</ocil:actions>	2572	··········</ocil:actions>
2579	········</ocil:questionnaire>	2573	········</ocil:questionnaire>
2580	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_metrics_reporting_ocil:questionnaire:1">	2574	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_metrics_reporting_ocil:questionnaire:1">
2581	··········<ocil:title>Disable·Metrics·Reporting</ocil:title>	2575	··········<ocil:title>Disable·Metrics·Reporting</ocil:title>
2582	··········<ocil:actions>	2576	··········<ocil:actions>
2583	············<ocil:test_action_ref>ocil:ssg-chromium_disable_metrics_reporting_action:testaction:1</ocil:test_action_ref>	2577	············<ocil:test_action_ref>ocil:ssg-chromium_disable_metrics_reporting_action:testaction:1</ocil:test_action_ref>
2584	··········</ocil:actions>	2578	··········</ocil:actions>
2585	········</ocil:questionnaire>	2579	········</ocil:questionnaire>
2586	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_~~approv~~e~~d_plug~~ins_ocil:questionnaire:1">	2580	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_safe_browsing_ocil:questionnaire:1">
2587	··········<ocil:title>Enable·~~Only·App~~ro~~ved~~·~~Plugins~~</ocil:title>	2581	··········<ocil:title>Enable·the·Safe·Browsing·Feature</ocil:title>
2588	··········<ocil:actions>	2582	··········<ocil:actions>
2589	············<ocil:test_action_ref>ocil:ssg-chromium_enable_~~approv~~e~~d_plug~~ins_action:testaction:1</ocil:test_action_ref>	2583	············<ocil:test_action_ref>ocil:ssg-chromium_enable_safe_browsing_action:testaction:1</ocil:test_action_ref>
2590	··········</ocil:actions>	2584	··········</ocil:actions>
2591	········</ocil:questionnaire>	2585	········</ocil:questionnaire>
2592	········<ocil:questionnaire·id="ocil:ssg-chromium_~~tru~~sted_ho~~me_p~~age_ocil:questionnaire:1">	2586	········<ocil:questionnaire·id="ocil:ssg-chromium_block_desktop_notifications_ocil:questionnaire:1">
2593	··········<ocil:title>~~Set·the~~·De~~fault~~·Ho~~me·P~~age</ocil:title>	2587	··········<ocil:title>Prevent·Desktop·Notifications</ocil:title>
2594	··········<ocil:actions>	2588	··········<ocil:actions>
2595	············<ocil:test_action_ref>ocil:ssg-chromium_~~tru~~sted_ho~~me_p~~age_action:testaction:1</ocil:test_action_ref>	2589	············<ocil:test_action_ref>ocil:ssg-chromium_block_desktop_notifications_action:testaction:1</ocil:test_action_ref>
2596	··········</ocil:actions>	2590	··········</ocil:actions>
2597	········</ocil:questionnaire>	2591	········</ocil:questionnaire>
2598	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~3d_graphics_api~~_ocil:questionnaire:1">	2592	········<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_ocil:questionnaire:1">
2599	··········<ocil:title>Disable·the·3D·Graph~~ics·APIs~~</ocil:title>	2593	··········<ocil:title>Enable·the·Default·Search·Provider</ocil:title>
2600	··········<ocil:actions>	2594	··········<ocil:actions>
2601	············<ocil:test_action_ref>ocil:ssg-chromium_disable_~~3d_graphics_api~~_action:testaction:1</ocil:test_action_ref>	2595	············<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_action:testaction:1</ocil:test_action_ref>
2602	··········</ocil:actions>	2596	··········</ocil:actions>
Max diff block lines reached; 63544/75702 bytes (83.94%) of diff not shown.


Offset 3, 247 lines modified		Offset 3, 247 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.65</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.65</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>	7	····<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-chromium_d~~isable~~_fi~~rewal~~l~~_trav~~e~~rsal~~_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-chromium_policy_file_ocil:questionnaire:1">
11	······<ocil:title>Dis~~abl~~e·Chromium's·Ability·to·Trav~~erse~~·Fire~~wall~~s</ocil:title>	11	······<ocil:title>Ensure·the·Chromium·Policy·Configuration·File·Exists</ocil:title>
12	······<ocil:actions>	12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-chromium_d~~isable~~_fi~~rewal~~l~~_trav~~e~~rsal~~_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-chromium_policy_file_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>	14	······</ocil:actions>
15	····</ocil:questionnaire>	15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-chromium_~~disable~~_net~~work_pred~~iction_ocil:questionnaire:1">	16	····<ocil:questionnaire·id="ocil:ssg-chromium_http_authentication_ocil:questionnaire:1">
17	······<ocil:title>~~Disable·Network~~·Prediction</ocil:title>	17	······<ocil:title>Set·Chromium's·HTTP·Authentication·Scheme</ocil:title>
18	······<ocil:actions>	18	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-chromium_~~disable~~_net~~work_pred~~iction_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-chromium_http_authentication_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>	20	······</ocil:actions>
21	····</ocil:questionnaire>	21	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_session_cookies_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_session_cookies_ocil:questionnaire:1">
23	······<ocil:title>Disable·Session·Cookies</ocil:title>	23	······<ocil:title>Disable·Session·Cookies</ocil:title>
24	······<ocil:actions>	24	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-chromium_disable_session_cookies_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-chromium_disable_session_cookies_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>	26	······</ocil:actions>
27	····</ocil:questionnaire>	27	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-chromium_de~~fault~~_~~block_plug~~ins_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-chromium_plugins_require_authorization_ocil:questionnaire:1">
29	······<ocil:title>~~Block~~·Plugins·by·Default</ocil:title>	29	······<ocil:title>Require·Outdated·Plugins·to·be·Authorized</ocil:title>
30	······<ocil:actions>	30	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-chromium_de~~fault~~_~~block_plug~~ins_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-chromium_plugins_require_authorization_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	32	······</ocil:actions>
33	····</ocil:questionnaire>	33	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_automatic_installation_ocil:questionnaire:1">	34	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_automatic_installation_ocil:questionnaire:1">
35	······<ocil:title>Disable·Automatic·Search·And·Installation·of·Plugins</ocil:title>	35	······<ocil:title>Disable·Automatic·Search·And·Installation·of·Plugins</ocil:title>
36	······<ocil:actions>	36	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-chromium_disable_automatic_installation_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-chromium_disable_automatic_installation_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	38	······</ocil:actions>
39	····</ocil:questionnaire>	39	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_pl~~ugin~~_~~blacklist~~_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_cleartext_passwords_ocil:questionnaire:1">
		41	······<ocil:title>Disable·Use·of·Cleartext·Passwords</ocil:title>
41	······<ocil:title>Disable·All·Plugins·by·Default</ocil:title>
42	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-chromium_disable_plugin_blacklist_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>
45	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-chromium_extension_whitelist_ocil:questionnaire:1">
47	······<ocil:title>Enable·Only·Approved·Extensions</ocil:title>
48	······<ocil:actions>	42	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-chromium_exte~~nsion~~_~~whitelist~~_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-chromium_disable_cleartext_passwords_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	44	······</ocil:actions>
51	····</ocil:questionnaire>	45	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_ba~~ckgroun~~d_p~~rocess~~ing_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_outdated_plugins_ocil:questionnaire:1">
53	······<ocil:title>Disable·Ba~~ckgroun~~d·P~~rocess~~ing</ocil:title>	47	······<ocil:title>Disable·Outdated·Plugins</ocil:title>
54	······<ocil:actions>	48	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-chromium_disable_ba~~ckgroun~~d_p~~rocess~~ing_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-chromium_disable_outdated_plugins_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	50	······</ocil:actions>
57	····</ocil:questionnaire>	51	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-chromium_~~http~~_aut~~henti~~c~~ation~~_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_protocol_schemas_ocil:questionnaire:1">
59	······<ocil:title>~~Set·Chromium's~~·~~HTTP·Auth~~e~~ntica~~tion·Scheme</ocil:title>	53	······<ocil:title>Disable·Insecure·And·Obsolete·Protocol·Schemas</ocil:title>
60	······<ocil:actions>	54	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-chromium_~~http~~_aut~~henti~~c~~ation~~_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-chromium_disable_protocol_schemas_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	56	······</ocil:actions>
63	····</ocil:questionnaire>	57	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-chromium_disal~~low~~_l~~ocat~~ion_tr~~acki~~ng_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-chromium_whitelist_plugin_urls_ocil:questionnaire:1">
65	······<ocil:title>Disable·~~Locati~~on·Tr~~acking~~</ocil:title>	59	······<ocil:title>Enable·Plugins·for·Only·Approved·URLs</ocil:title>
66	······<ocil:actions>	60	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-chromium_disal~~low~~_l~~ocat~~ion_tr~~acki~~ng_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-chromium_whitelist_plugin_urls_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>	62	······</ocil:actions>
69	····</ocil:questionnaire>	63	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-chromium_enable_browser_history_ocil:questionnaire:1">	64	····<ocil:questionnaire·id="ocil:ssg-chromium_enable_browser_history_ocil:questionnaire:1">
71	······<ocil:title>Enable·Saving·the·Browser·History</ocil:title>	65	······<ocil:title>Enable·Saving·the·Browser·History</ocil:title>
72	······<ocil:actions>	66	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-chromium_enable_browser_history_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-chromium_enable_browser_history_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	68	······</ocil:actions>
75	····</ocil:questionnaire>	69	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_ocil:questionnaire:1">	70	····<ocil:questionnaire·id="ocil:ssg-chromium_trusted_home_page_ocil:questionnaire:1">
77	······<ocil:title>~~Disabl~~e·~~Clo~~u~~d·Print~~·Sharing</ocil:title>	71	······<ocil:title>Set·the·Default·Home·Page</ocil:title>
78	······<ocil:actions>	72	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-chromium_trusted_home_page_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	74	······</ocil:actions>
81	····</ocil:questionnaire>	75	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-chromium_~~black~~list_e~~xtension_~~in~~stall~~ation_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_name_ocil:questionnaire:1">
83	······<ocil:title>~~Disabl~~e·~~All·Ex~~te~~nsions·by·D~~e~~fault~~</ocil:title>	77	······<ocil:title>Set·the·Default·Search·Provider's·URL</ocil:title>
84	······<ocil:actions>	78	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-chromium_~~black~~list_e~~xtension_~~in~~stall~~ation_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_name_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	80	······</ocil:actions>
87	····</ocil:questionnaire>	81	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~password~~_manager_ocil:questionnaire:1">	82	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_incognito_mode_ocil:questionnaire:1">
89	······<ocil:title>Disable·~~Chr~~o~~mium·Passw~~ord·Manager</ocil:title>	83	······<ocil:title>Disable·Incognito·Mode</ocil:title>
90	······<ocil:actions>	84	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-chromium_disable_~~password~~_manager_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-chromium_disable_incognito_mode_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	86	······</ocil:actions>
93	····</ocil:questionnaire>	87	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-chromium_poli~~cy_f~~ile_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_plugin_blacklist_ocil:questionnaire:1">
95	······<ocil:title>Ensure·~~the~~·C~~hrom~~ium·~~Poli~~cy·Conf~~igur~~a~~tion·F~~il~~e·Exis~~ts</ocil:title>	89	······<ocil:title>Disable·All·Plugins·by·Default</ocil:title>
96	······<ocil:actions>	90	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-chromium_poli~~cy_f~~ile_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-chromium_disable_plugin_blacklist_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	92	······</ocil:actions>
99	····</ocil:questionnaire>	93	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-chromium_~~check~~_~~cer~~t~~_revoc~~ation_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-chromium_disallow_location_tracking_ocil:questionnaire:1">
101	······<ocil:title>Enab~~le·On~~line·~~OCSP/CR~~L·~~Cer~~tificate·~~Che~~cks</ocil:title>	95	······<ocil:title>Disable·Location·Tracking</ocil:title>
102	······<ocil:actions>	96	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-chromium_~~check~~_~~cer~~t~~_revoc~~ation_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-chromium_disallow_location_tracking_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	98	······</ocil:actions>
105	····</ocil:questionnaire>	99	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_metrics_reporting_ocil:questionnaire:1">	100	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_metrics_reporting_ocil:questionnaire:1">
107	······<ocil:title>Disable·Metrics·Reporting</ocil:title>	101	······<ocil:title>Disable·Metrics·Reporting</ocil:title>
108	······<ocil:actions>	102	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-chromium_disable_metrics_reporting_action:testaction:1</ocil:test_action_ref>	103	········<ocil:test_action_ref>ocil:ssg-chromium_disable_metrics_reporting_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	104	······</ocil:actions>
111	····</ocil:questionnaire>	105	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-chromium_enable_~~approv~~e~~d_plug~~ins_ocil:questionnaire:1">	106	····<ocil:questionnaire·id="ocil:ssg-chromium_enable_safe_browsing_ocil:questionnaire:1">
113	······<ocil:title>Enable·~~Only·App~~ro~~ved~~·~~Plugins~~</ocil:title>	107	······<ocil:title>Enable·the·Safe·Browsing·Feature</ocil:title>
114	······<ocil:actions>	108	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-chromium_enable_~~approv~~e~~d_plug~~ins_action:testaction:1</ocil:test_action_ref>	109	········<ocil:test_action_ref>ocil:ssg-chromium_enable_safe_browsing_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	110	······</ocil:actions>
117	····</ocil:questionnaire>	111	····</ocil:questionnaire>
118	····<ocil:questionnaire·id="ocil:ssg-chromium_~~tru~~sted_ho~~me_p~~age_ocil:questionnaire:1">	112	····<ocil:questionnaire·id="ocil:ssg-chromium_block_desktop_notifications_ocil:questionnaire:1">
119	······<ocil:title>~~Set·the~~·De~~fault~~·Ho~~me·P~~age</ocil:title>	113	······<ocil:title>Prevent·Desktop·Notifications</ocil:title>
120	······<ocil:actions>	114	······<ocil:actions>
121	········<ocil:test_action_ref>ocil:ssg-chromium_~~tru~~sted_ho~~me_p~~age_action:testaction:1</ocil:test_action_ref>	115	········<ocil:test_action_ref>ocil:ssg-chromium_block_desktop_notifications_action:testaction:1</ocil:test_action_ref>
122	······</ocil:actions>	116	······</ocil:actions>
123	····</ocil:questionnaire>	117	····</ocil:questionnaire>
124	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~3d_graphics_api~~_ocil:questionnaire:1">	118	····<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_ocil:questionnaire:1">
125	······<ocil:title>Disable·the·3D·Graph~~ics·APIs~~</ocil:title>	119	······<ocil:title>Enable·the·Default·Search·Provider</ocil:title>
126	······<ocil:actions>	120	······<ocil:actions>
127	········<ocil:test_action_ref>ocil:ssg-chromium_disable_~~3d_graphics_api~~_action:testaction:1</ocil:test_action_ref>	121	········<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_action:testaction:1</ocil:test_action_ref>
128	······</ocil:actions>	122	······</ocil:actions>
Max diff block lines reached; 60132/71596 bytes (83.99%) of diff not shown.


Offset 7562, 1035 lines modified		Offset 7562, 1179 lines modified
7562	······<ocil:generator>	7562	······<ocil:generator>
7563	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	7563	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
7564	········<ocil:product_version>ssg:·0.1.65</ocil:product_version>	7564	········<ocil:product_version>ssg:·0.1.65</ocil:product_version>
7565	········<ocil:schema_version>2.0</ocil:schema_version>	7565	········<ocil:schema_version>2.0</ocil:schema_version>
7566	········<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>	7566	········<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>
7567	······</ocil:generator>	7567	······</ocil:generator>
7568	······<ocil:questionnaires>	7568	······<ocil:questionnaires>
7569	········<ocil:questionnaire·id="ocil:ssg-pri~~vat~~e_nodes_ocil:questionnaire:1">	7569	········<ocil:questionnaire·id="ocil:ssg-configure_tls_ocil:questionnaire:1">
7570	··········<ocil:title>Ensure·Cl~~ust~~er·~~Private·N~~odes</ocil:title>	7570	··········<ocil:title>Encrypt·Traffic·to·Load·Balancers·and·Workloads</ocil:title>
7571	··········<ocil:actions>	7571	··········<ocil:actions>
7572	············<ocil:test_action_ref>ocil:ssg-pri~~vat~~e_nodes_action:testaction:1</ocil:test_action_ref>	7572	············<ocil:test_action_ref>ocil:ssg-configure_tls_action:testaction:1</ocil:test_action_ref>
7573	··········</ocil:actions>	7573	··········</ocil:actions>
7574	········</ocil:questionnaire>	7574	········</ocil:questionnaire>
7575	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_~~worker_~~ocil:questionnaire:1">	7575	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_ocil:questionnaire:1">
7576	··········<ocil:title>kubelet·-·Allow·Automatic·Firewall·Configuration</ocil:title>	7576	··········<ocil:title>kubelet·-·Allow·Automatic·Firewall·Configuration</ocil:title>
7577	··········<ocil:actions>	7577	··········<ocil:actions>
7578	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_iptables_util_chains_~~worker_~~action:testaction:1</ocil:test_action_ref>	7578	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_iptables_util_chains_action:testaction:1</ocil:test_action_ref>
7579	··········</ocil:actions>
7580	········</ocil:questionnaire>
7581	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_streaming_connections_deprecated_ocil:questionnaire:1">
7582	··········<ocil:title>kubelet·-·Do·Not·Disable·Streaming·Timeouts</ocil:title>
7583	··········<ocil:actions>
7584	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_streaming_connections_deprecated_action:testaction:1</ocil:test_action_ref>
7585	··········</ocil:actions>
7586	········</ocil:questionnaire>
7587	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_server_cert_rotation_worker_ocil:questionnaire:1">
7588	··········<ocil:title>kubelet·-·Enable·Server·Certificate·Rotation</ocil:title>
7589	··········<ocil:actions>
7590	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_server_cert_rotation_worker_action:testaction:1</ocil:test_action_ref>
7591	··········</ocil:actions>	7579	··········</ocil:actions>
7592	········</ocil:questionnaire>	7580	········</ocil:questionnaire>
7593	········<ocil:questionnaire·id="ocil:ssg-kubelet_~~read_only~~_~~port~~_secured_ocil:questionnaire:1">	7581	········<ocil:questionnaire·id="ocil:ssg-kubelet_anonymous_auth_deprecated_ocil:questionnaire:1">
7594	··········<ocil:title>~~kube~~le~~t·-~~·En~~sure·that·~~the·~~--re~~ad-only-port·is·~~secur~~ed</ocil:title>	7582	··········<ocil:title>Disable·Anonymous·Authentication·to·the·Kubelet</ocil:title>
7595	··········<ocil:actions>	7583	··········<ocil:actions>
7596	············<ocil:test_action_ref>ocil:ssg-kubelet_~~read_only~~_~~port~~_secured_action:testaction:1</ocil:test_action_ref>	7584	············<ocil:test_action_ref>ocil:ssg-kubelet_anonymous_auth_deprecated_action:testaction:1</ocil:test_action_ref>
7597	··········</ocil:actions>	7585	··········</ocil:actions>
7598	········</ocil:questionnaire>	7586	········</ocil:questionnaire>
7599	········<ocil:questionnaire·id="ocil:ssg-kubelet_configure_client_ca_master_ocil:questionnaire:1">	7587	········<ocil:questionnaire·id="ocil:ssg-kubelet_configure_client_ca_master_ocil:questionnaire:1">
7600	··········<ocil:title>kubelet·-·Configure·the·Client·CA·Certificate</ocil:title>	7588	··········<ocil:title>kubelet·-·Configure·the·Client·CA·Certificate</ocil:title>
7601	··········<ocil:actions>	7589	··········<ocil:actions>
7602	············<ocil:test_action_ref>ocil:ssg-kubelet_configure_client_ca_master_action:testaction:1</ocil:test_action_ref>	7590	············<ocil:test_action_ref>ocil:ssg-kubelet_configure_client_ca_master_action:testaction:1</ocil:test_action_ref>
7603	··········</ocil:actions>	7591	··········</ocil:actions>
7604	········</ocil:questionnaire>	7592	········</ocil:questionnaire>
7605	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_s~~tre~~a~~ming~~_~~conne~~c~~tio~~ns_worker_ocil:questionnaire:1">	7593	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_deprecated_ocil:questionnaire:1">
7606	··········<ocil:title>kubelet·-·D~~o·N~~ot·~~Dis~~a~~ble~~·Strea~~ming·T~~i~~meou~~ts</ocil:title>	7594	··········<ocil:title>kubelet·-·Allow·Automatic·Firewall·Configuration</ocil:title>
7607	··········<ocil:actions>	7595	··········<ocil:actions>
7608	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_s~~tre~~a~~ming~~_~~conne~~c~~tio~~ns_worker_action:testaction:1</ocil:test_action_ref>	7596	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_iptables_util_chains_deprecated_action:testaction:1</ocil:test_action_ref>
7609	··········</ocil:actions>	7597	··········</ocil:actions>
7610	········</ocil:questionnaire>	7598	········</ocil:questionnaire>
7611	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_~~cli~~en~~t_ce~~rt_rotati~~on_wo~~rker_ocil:questionnaire:1">	7599	········<ocil:questionnaire·id="ocil:ssg-kubelet_read_only_port_secured_ocil:questionnaire:1">
7612	··········<ocil:title>kubelet·-·En~~abl~~e·~~Clien~~t·Cer~~tificate·R~~ot~~ation~~</ocil:title>	7600	··········<ocil:title>kubelet·-·Ensure·that·the·--read-only-port·is·secured</ocil:title>
7613	··········<ocil:actions>	7601	··········<ocil:actions>
7614	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_~~cli~~en~~t_ce~~rt_rotati~~on_wo~~rker_action:testaction:1</ocil:test_action_ref>	7602	············<ocil:test_action_ref>ocil:ssg-kubelet_read_only_port_secured_action:testaction:1</ocil:test_action_ref>
7615	··········</ocil:actions>	7603	··········</ocil:actions>
7616	········</ocil:questionnaire>	7604	········</ocil:questionnaire>
7617	········<ocil:questionnaire·id="ocil:ssg-~~kubelet_~~enab~~le_~~ipt~~ables_ut~~i~~l_cha~~ins_ocil:questionnaire:1">	7605	········<ocil:questionnaire·id="ocil:ssg-endpoint_configuration_ocil:questionnaire:1">
7618	··········<ocil:title>~~kubel~~e~~t·-·Allow~~·A~~utom~~at~~ic·Fir~~ew~~all·C~~on~~figuration~~</ocil:title>	7606	··········<ocil:title>Ensure·Private·Endpoint·Access</ocil:title>
7619	··········<ocil:actions>	7607	··········<ocil:actions>
7620	············<ocil:test_action_ref>ocil:ssg-~~kubelet_~~enab~~le_~~ipt~~ables_ut~~i~~l_cha~~ins_action:testaction:1</ocil:test_action_ref>	7608	············<ocil:test_action_ref>ocil:ssg-endpoint_configuration_action:testaction:1</ocil:test_action_ref>
7621	··········</ocil:actions>	7609	··········</ocil:actions>
7622	········</ocil:questionnaire>	7610	········</ocil:questionnaire>
7623	········<ocil:questionnaire·id="ocil:ssg-~~kubelet~~_en~~able_s~~tre~~amin~~g~~_conn~~ection~~s_master~~_ocil:questionnaire:1">	7611	········<ocil:questionnaire·id="ocil:ssg-iam_integration_ocil:questionnaire:1">
7624	··········<ocil:title>~~kubel~~e~~t·-·Do·Not~~·Dis~~abl~~e~~·St~~r~~eam~~ing·T~~imeouts~~</ocil:title>	7612	··········<ocil:title>Manage·Users·with·AWS·IAM</ocil:title>
7625	··········<ocil:actions>	7613	··········<ocil:actions>
7626	············<ocil:test_action_ref>ocil:ssg-~~kubelet~~_en~~able_s~~tre~~amin~~g~~_conn~~ection~~s_master~~_action:testaction:1</ocil:test_action_ref>	7614	············<ocil:test_action_ref>ocil:ssg-iam_integration_action:testaction:1</ocil:test_action_ref>
7627	··········</ocil:actions>	7615	··········</ocil:actions>
7628	········</ocil:questionnaire>	7616	········</ocil:questionnaire>
7629	········<ocil:questionnaire·id="ocil:ssg-file_groupowner_worker_kubeconfig_ocil:questionnaire:1">	7617	········<ocil:questionnaire·id="ocil:ssg-file_groupowner_worker_kubeconfig_ocil:questionnaire:1">
7630	··········<ocil:title>Verify·Group·Who·Owns·The·Worker·Kubeconfig·File</ocil:title>	7618	··········<ocil:title>Verify·Group·Who·Owns·The·Worker·Kubeconfig·File</ocil:title>
7631	··········<ocil:actions>	7619	··········<ocil:actions>
7632	············<ocil:test_action_ref>ocil:ssg-file_groupowner_worker_kubeconfig_action:testaction:1</ocil:test_action_ref>	7620	············<ocil:test_action_ref>ocil:ssg-file_groupowner_worker_kubeconfig_action:testaction:1</ocil:test_action_ref>
7633	··········</ocil:actions>	7621	··········</ocil:actions>
7634	········</ocil:questionnaire>	7622	········</ocil:questionnaire>
7635	········<ocil:questionnaire·id="ocil:ssg-file_groupowner_kubelet_conf_ocil:questionnaire:1">
7636	··········<ocil:title>Verify·Group·Who·Owns·The·Kubelet·Configuration·File</ocil:title>
7637	··········<ocil:actions>
7638	············<ocil:test_action_ref>ocil:ssg-file_groupowner_kubelet_conf_action:testaction:1</ocil:test_action_ref>
7639	··········</ocil:actions>
7640	········</ocil:questionnaire>
7641	········<ocil:questionnaire·id="ocil:ssg-con~~fig~~u~~re_tls~~_ocil:questionnaire:1">	7623	········<ocil:questionnaire·id="ocil:ssg-kubelet_anonymous_auth_ocil:questionnaire:1">
		7624	··········<ocil:title>Disable·Anonymous·Authentication·to·the·Kubelet</ocil:title>
7642	··········<ocil:title>Encrypt·Traffic·to·Load·Balancers·and·Workloads</ocil:title>
7643	··········<ocil:actions>
7644	············<ocil:test_action_ref>ocil:ssg-configure_tls_action:testaction:1</ocil:test_action_ref>
7645	··········</ocil:actions>
7646	········</ocil:questionnaire>
7647	········<ocil:questionnaire·id="ocil:ssg-image_scanning_ocil:questionnaire:1">
7648	··········<ocil:title>Ensure·Image·Vulnerability·Scanning</ocil:title>
7649	··········<ocil:actions>	7625	··········<ocil:actions>
7650	············<ocil:test_action_ref>ocil:ssg-~~imag~~e_~~sca~~n~~ning~~_action:testaction:1</ocil:test_action_ref>	7626	············<ocil:test_action_ref>ocil:ssg-kubelet_anonymous_auth_action:testaction:1</ocil:test_action_ref>
7651	··········</ocil:actions>	7627	··········</ocil:actions>
7652	········</ocil:questionnaire>	7628	········</ocil:questionnaire>
7653	········<ocil:questionnaire·id="ocil:ssg-file_~~permissions_wor~~ker~~_kub~~e~~config~~_ocil:questionnaire:1">	7629	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_protect_kernel_defaults_ocil:questionnaire:1">
7654	··········<ocil:title>~~Verify·P~~e~~rmissions~~·on~~·th~~e·Wo~~rker~~·K~~ubeconfig·File~~</ocil:title>	7630	··········<ocil:title>kubelet·-·Enable·Protect·Kernel·Defaults</ocil:title>
7655	··········<ocil:actions>	7631	··········<ocil:actions>
7656	············<ocil:test_action_ref>ocil:ssg-file_~~permissions_wor~~ker~~_kub~~e~~config~~_action:testaction:1</ocil:test_action_ref>	7632	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_protect_kernel_defaults_action:testaction:1</ocil:test_action_ref>
7657	··········</ocil:actions>	7633	··········</ocil:actions>
7658	········</ocil:questionnaire>	7634	········</ocil:questionnaire>
7659	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_cert_rotation_~~mas~~ter_ocil:questionnaire:1">	7635	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_cert_rotation_deprecated_ocil:questionnaire:1">
7660	··········<ocil:title>kubelet·-·Enable·Certificate·Rotation</ocil:title>	7636	··········<ocil:title>kubelet·-·Enable·Certificate·Rotation</ocil:title>
7661	··········<ocil:actions>	7637	··········<ocil:actions>
7662	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_cert_rotation_~~mas~~ter_action:testaction:1</ocil:test_action_ref>	7638	············<ocil:test_action_ref>ocil:ssg-kubelet_enable_cert_rotation_deprecated_action:testaction:1</ocil:test_action_ref>
7663	··········</ocil:actions>	7639	··········</ocil:actions>
7664	········</ocil:questionnaire>	7640	········</ocil:questionnaire>
7665	········<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_deprecated_ocil:questionnaire:1">
7666	··········<ocil:~~title>kubelet~~·-~~·All~~o~~w·Automat~~i~~c·Fi~~r~~ewall·Configura~~tion</ocil:title>	7641	········<ocil:questionnaire·id="ocil:ssg-file_groupowner_kubelet_conf_ocil:questionnaire:1">
		7642	··········<ocil:title>Verify·Group·Who·Owns·The·Kubelet·Configuration·File</ocil:title>
7667	··········<ocil:actions>	7643	··········<ocil:actions>
7668	············<ocil:test_action_ref>ocil:ssg-kubelet_~~enable_i~~pt~~abl~~es_util~~_chains_d~~epreca~~ted~~_action:testaction:1</ocil:test_action_ref>	7644	············<ocil:test_action_ref>ocil:ssg-file_groupowner_kubelet_conf_action:testaction:1</ocil:test_action_ref>
7669	··········</ocil:actions>	7645	··········</ocil:actions>
7670	········</ocil:questionnaire>	7646	········</ocil:questionnaire>
7671	········<ocil:questionnaire·id="ocil:ssg-kubele~~t_a~~n~~onym~~ous_aut~~h_w~~o~~rker~~_ocil:questionnaire:1">	7647	········<ocil:questionnaire·id="ocil:ssg-file_owner_worker_kubeconfig_ocil:questionnaire:1">
7672	··········<ocil:title>Di~~sabl~~e·Anon~~ymou~~s·Authe~~ntication·to·the·Kube~~let</ocil:title>	7648	··········<ocil:title>Verify·User·Who·Owns·The·Worker·Kubeconfig·File</ocil:title>
7673	··········<ocil:actions>	7649	··········<ocil:actions>
7674	············<ocil:test_action_ref>ocil:ssg-kubele~~t_a~~n~~onym~~ous_aut~~h_w~~o~~rker~~_action:testaction:1</ocil:test_action_ref>	7650	············<ocil:test_action_ref>ocil:ssg-file_owner_worker_kubeconfig_action:testaction:1</ocil:test_action_ref>
7675	··········</ocil:actions>	7651	··········</ocil:actions>
7676	········</ocil:questionnaire>	7652	········</ocil:questionnaire>
7677	········<ocil:questionnaire·id="ocil:ssg-secret_encryption_ocil:questionnaire:1">	7653	········<ocil:questionnaire·id="ocil:ssg-secret_encryption_ocil:questionnaire:1">
7678	··········<ocil:title>Ensure·Kubernetes·Secrets·are·Encrypted</ocil:title>	7654	··········<ocil:title>Ensure·Kubernetes·Secrets·are·Encrypted</ocil:title>
7679	··········<ocil:actions>	7655	··········<ocil:actions>
7680	············<ocil:test_action_ref>ocil:ssg-secret_encryption_action:testaction:1</ocil:test_action_ref>	7656	············<ocil:test_action_ref>ocil:ssg-secret_encryption_action:testaction:1</ocil:test_action_ref>
7681	··········</ocil:actions>	7657	··········</ocil:actions>
7682	········</ocil:questionnaire>	7658	········</ocil:questionnaire>
7683	········<ocil:questionnaire·id="ocil:ssg-kubelet_anonymous_a~~uth~~_ocil:questionnaire:1">	7659	········<ocil:questionnaire·id="ocil:ssg-kubelet_read_only_port_secured_deprecated_ocil:questionnaire:1">
7684	··········<ocil:title>D~~isab~~le·An~~onymous·Au~~the~~ntic~~ation·to·the·~~Kubel~~et</ocil:title>	7660	··········<ocil:title>kubelet·-·Ensure·that·the·--read-only-port·is·secured</ocil:title>
7685	··········<ocil:actions>	7661	··········<ocil:actions>
7686	············<ocil:test_action_ref>ocil:ssg-kubelet_anonymous_a~~uth~~_action:testaction:1</ocil:test_action_ref>	7662	············<ocil:test_action_ref>ocil:ssg-kubelet_read_only_port_secured_deprecated_action:testaction:1</ocil:test_action_ref>
Max diff block lines reached; 131867/143567 bytes (91.85%) of diff not shown.


Offset 3, 1035 lines modified		Offset 3, 1179 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.65</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.65</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>	7	····<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-pri~~vat~~e_nodes_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-configure_tls_ocil:questionnaire:1">
11	······<ocil:title>Ensure·Cl~~ust~~er·~~Private·N~~odes</ocil:title>	11	······<ocil:title>Encrypt·Traffic·to·Load·Balancers·and·Workloads</ocil:title>
12	······<ocil:actions>	12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-pri~~vat~~e_nodes_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-configure_tls_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>	14	······</ocil:actions>
15	····</ocil:questionnaire>	15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_~~worker_~~ocil:questionnaire:1">	16	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_ocil:questionnaire:1">
17	······<ocil:title>kubelet·-·Allow·Automatic·Firewall·Configuration</ocil:title>	17	······<ocil:title>kubelet·-·Allow·Automatic·Firewall·Configuration</ocil:title>
18	······<ocil:actions>	18	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_iptables_util_chains_~~worker_~~action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_iptables_util_chains_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>
21	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_streaming_connections_deprecated_ocil:questionnaire:1">
23	······<ocil:title>kubelet·-·Do·Not·Disable·Streaming·Timeouts</ocil:title>
24	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_streaming_connections_deprecated_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>
27	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_server_cert_rotation_worker_ocil:questionnaire:1">
29	······<ocil:title>kubelet·-·Enable·Server·Certificate·Rotation</ocil:title>
30	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_server_cert_rotation_worker_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	20	······</ocil:actions>
33	····</ocil:questionnaire>	21	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-kubelet_~~read_only~~_~~port~~_secured_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-kubelet_anonymous_auth_deprecated_ocil:questionnaire:1">
35	······<ocil:title>~~kube~~le~~t·-~~·En~~sure·that·~~the·~~--re~~ad-only-port·is·~~secur~~ed</ocil:title>	23	······<ocil:title>Disable·Anonymous·Authentication·to·the·Kubelet</ocil:title>
36	······<ocil:actions>	24	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-kubelet_~~read_only~~_~~port~~_secured_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-kubelet_anonymous_auth_deprecated_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	26	······</ocil:actions>
39	····</ocil:questionnaire>	27	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-kubelet_configure_client_ca_master_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-kubelet_configure_client_ca_master_ocil:questionnaire:1">
41	······<ocil:title>kubelet·-·Configure·the·Client·CA·Certificate</ocil:title>	29	······<ocil:title>kubelet·-·Configure·the·Client·CA·Certificate</ocil:title>
42	······<ocil:actions>	30	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-kubelet_configure_client_ca_master_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-kubelet_configure_client_ca_master_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	32	······</ocil:actions>
45	····</ocil:questionnaire>	33	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_s~~tre~~a~~ming~~_~~conne~~c~~tio~~ns_worker_ocil:questionnaire:1">	34	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_deprecated_ocil:questionnaire:1">
47	······<ocil:title>kubelet·-·D~~o·N~~ot·~~Dis~~a~~ble~~·Strea~~ming·T~~i~~meou~~ts</ocil:title>	35	······<ocil:title>kubelet·-·Allow·Automatic·Firewall·Configuration</ocil:title>
48	······<ocil:actions>	36	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_s~~tre~~a~~ming~~_~~conne~~c~~tio~~ns_worker_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_iptables_util_chains_deprecated_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	38	······</ocil:actions>
51	····</ocil:questionnaire>	39	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_~~cli~~en~~t_ce~~rt_rotati~~on_wo~~rker_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-kubelet_read_only_port_secured_ocil:questionnaire:1">
53	······<ocil:title>kubelet·-·En~~abl~~e·~~Clien~~t·Cer~~tificate·R~~ot~~ation~~</ocil:title>	41	······<ocil:title>kubelet·-·Ensure·that·the·--read-only-port·is·secured</ocil:title>
54	······<ocil:actions>	42	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_~~cli~~en~~t_ce~~rt_rotati~~on_wo~~rker_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-kubelet_read_only_port_secured_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	44	······</ocil:actions>
57	····</ocil:questionnaire>	45	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-~~kubelet_~~enab~~le_~~ipt~~ables_ut~~i~~l_cha~~ins_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-endpoint_configuration_ocil:questionnaire:1">
59	······<ocil:title>~~kubel~~e~~t·-·Allow~~·A~~utom~~at~~ic·Fir~~ew~~all·C~~on~~figuration~~</ocil:title>	47	······<ocil:title>Ensure·Private·Endpoint·Access</ocil:title>
60	······<ocil:actions>	48	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-~~kubelet_~~enab~~le_~~ipt~~ables_ut~~i~~l_cha~~ins_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-endpoint_configuration_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	50	······</ocil:actions>
63	····</ocil:questionnaire>	51	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-~~kubelet~~_en~~able_s~~tre~~amin~~g~~_conn~~ection~~s_master~~_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-iam_integration_ocil:questionnaire:1">
65	······<ocil:title>~~kubel~~e~~t·-·Do·Not~~·Dis~~abl~~e~~·St~~r~~eam~~ing·T~~imeouts~~</ocil:title>	53	······<ocil:title>Manage·Users·with·AWS·IAM</ocil:title>
66	······<ocil:actions>	54	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-~~kubelet~~_en~~able_s~~tre~~amin~~g~~_conn~~ection~~s_master~~_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-iam_integration_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>	56	······</ocil:actions>
69	····</ocil:questionnaire>	57	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_worker_kubeconfig_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_worker_kubeconfig_ocil:questionnaire:1">
71	······<ocil:title>Verify·Group·Who·Owns·The·Worker·Kubeconfig·File</ocil:title>	59	······<ocil:title>Verify·Group·Who·Owns·The·Worker·Kubeconfig·File</ocil:title>
72	······<ocil:actions>	60	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-file_groupowner_worker_kubeconfig_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-file_groupowner_worker_kubeconfig_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	62	······</ocil:actions>
75	····</ocil:questionnaire>	63	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_kubelet_conf_ocil:questionnaire:1">
77	······<ocil:title>Verify·Group·Who·Owns·The·Kubelet·Configuration·File</ocil:title>
78	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-file_groupowner_kubelet_conf_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>
81	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-con~~fig~~u~~re_tls~~_ocil:questionnaire:1">	64	····<ocil:questionnaire·id="ocil:ssg-kubelet_anonymous_auth_ocil:questionnaire:1">
		65	······<ocil:title>Disable·Anonymous·Authentication·to·the·Kubelet</ocil:title>
83	······<ocil:title>Encrypt·Traffic·to·Load·Balancers·and·Workloads</ocil:title>
84	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-configure_tls_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>
87	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-image_scanning_ocil:questionnaire:1">
89	······<ocil:title>Ensure·Image·Vulnerability·Scanning</ocil:title>
90	······<ocil:actions>	66	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-~~imag~~e_~~sca~~n~~ning~~_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-kubelet_anonymous_auth_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	68	······</ocil:actions>
93	····</ocil:questionnaire>	69	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-file_permissions_worker_kubeconfig_ocil:questionnaire:1">
95	······<ocil:ti~~tle>V~~eri~~fy·Permi~~ss~~ions·on·~~the·~~Work~~e~~r·Kub~~econ~~fig·Fi~~l~~e</~~ocil:title>	70	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_protect_kernel_defaults_ocil:questionnaire:1">
		71	······<ocil:title>kubelet·-·Enable·Protect·Kernel·Defaults</ocil:title>
96	······<ocil:actions>	72	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-file_~~permissions_wor~~ker~~_kub~~e~~config~~_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_protect_kernel_defaults_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	74	······</ocil:actions>
99	····</ocil:questionnaire>	75	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_cert_rotation_~~mas~~ter_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_cert_rotation_deprecated_ocil:questionnaire:1">
101	······<ocil:title>kubelet·-·Enable·Certificate·Rotation</ocil:title>	77	······<ocil:title>kubelet·-·Enable·Certificate·Rotation</ocil:title>
102	······<ocil:actions>	78	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_cert_rotation_~~mas~~ter_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_cert_rotation_deprecated_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	80	······</ocil:actions>
105	····</ocil:questionnaire>	81	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_deprecated_ocil:questionnaire:1">
107	······<ocil:~~title>kubelet~~·-~~·All~~o~~w·Automat~~i~~c·Fi~~r~~ewall·Configura~~tion</ocil:title>	82	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_kubelet_conf_ocil:questionnaire:1">
		83	······<ocil:title>Verify·Group·Who·Owns·The·Kubelet·Configuration·File</ocil:title>
108	······<ocil:actions>	84	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-kubelet_~~enable_i~~pt~~abl~~es_util~~_chains_d~~epreca~~ted~~_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-file_groupowner_kubelet_conf_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	86	······</ocil:actions>
111	····</ocil:questionnaire>	87	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-kubele~~t_a~~n~~onym~~ous_aut~~h_w~~o~~rker~~_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-file_owner_worker_kubeconfig_ocil:questionnaire:1">
113	······<ocil:title>Di~~sabl~~e·Anon~~ymou~~s·Authe~~ntication·to·the·Kube~~let</ocil:title>	89	······<ocil:title>Verify·User·Who·Owns·The·Worker·Kubeconfig·File</ocil:title>
114	······<ocil:actions>	90	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-kubele~~t_a~~n~~onym~~ous_aut~~h_w~~o~~rker~~_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-file_owner_worker_kubeconfig_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	92	······</ocil:actions>
117	····</ocil:questionnaire>	93	····</ocil:questionnaire>
118	····<ocil:questionnaire·id="ocil:ssg-secret_encryption_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-secret_encryption_ocil:questionnaire:1">
119	······<ocil:title>Ensure·Kubernetes·Secrets·are·Encrypted</ocil:title>	95	······<ocil:title>Ensure·Kubernetes·Secrets·are·Encrypted</ocil:title>
120	······<ocil:actions>	96	······<ocil:actions>
121	········<ocil:test_action_ref>ocil:ssg-secret_encryption_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-secret_encryption_action:testaction:1</ocil:test_action_ref>
122	······</ocil:actions>	98	······</ocil:actions>
123	····</ocil:questionnaire>	99	····</ocil:questionnaire>
124	····<ocil:questionnaire·id="ocil:ssg-kubelet_anonymous_a~~uth~~_ocil:questionnaire:1">	100	····<ocil:questionnaire·id="ocil:ssg-kubelet_read_only_port_secured_deprecated_ocil:questionnaire:1">
125	······<ocil:title>D~~isab~~le·An~~onymous·Au~~the~~ntic~~ation·to·the·~~Kubel~~et</ocil:title>	101	······<ocil:title>kubelet·-·Ensure·that·the·--read-only-port·is·secured</ocil:title>
126	······<ocil:actions>	102	······<ocil:actions>
Max diff block lines reached; 126592/137634 bytes (91.98%) of diff not shown.


Offset 4950, 545 lines modified		Offset 4950, 522 lines modified
4950	······<ocil:generator>	4950	······<ocil:generator>
4951	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4951	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
4952	········<ocil:product_version>ssg:·0.1.65</ocil:product_version>	4952	········<ocil:product_version>ssg:·0.1.65</ocil:product_version>
4953	········<ocil:schema_version>2.0</ocil:schema_version>	4953	········<ocil:schema_version>2.0</ocil:schema_version>
4954	········<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>	4954	········<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>
4955	······</ocil:generator>	4955	······</ocil:generator>
4956	······<ocil:questionnaires>	4956	······<ocil:questionnaires>
4957	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-cryptomining_ocil:questionnaire:1">
4958	··········<ocil:title>Enabled·Firefox·Cryptomining·protection</ocil:title>
4959	··········<ocil:actions>
4960	············<ocil:test_action_ref>ocil:ssg-firefox_policy-cryptomining_action:testaction:1</ocil:test_action_ref>
4961	··········</ocil:actions>
4962	········</ocil:questionnaire>
4963	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-development_tools_ocil:questionnaire:1">
4964	··········<ocil:title>Disable·Firefox·Development·Tools</ocil:title>
4965	··········<ocil:actions>
4966	············<ocil:test_action_ref>ocil:ssg-firefox_policy-development_tools_action:testaction:1</ocil:test_action_ref>
4967	··········</ocil:actions>
4968	········</ocil:questionnaire>
4969	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-network_prediction_ocil:questionnaire:1">
4970	··········<ocil:title>Disable·Firefox·network·prediction</ocil:title>
4971	··········<ocil:actions>
4972	············<ocil:test_action_ref>ocil:ssg-firefox_policy-network_prediction_action:testaction:1</ocil:test_action_ref>
4973	··········</ocil:actions>
4974	········</ocil:questionnaire>
4975	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-extension_recommendation_ocil:questionnaire:1">	4957	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-extension_recommendation_ocil:questionnaire:1">
4976	··········<ocil:title>Disabled·Firefox·Extension·Recommendations</ocil:title>	4958	··········<ocil:title>Disabled·Firefox·Extension·Recommendations</ocil:title>
4977	··········<ocil:actions>	4959	··········<ocil:actions>
4978	············<ocil:test_action_ref>ocil:ssg-firefox_policy-extension_recommendation_action:testaction:1</ocil:test_action_ref>	4960	············<ocil:test_action_ref>ocil:ssg-firefox_policy-extension_recommendation_action:testaction:1</ocil:test_action_ref>
4979	··········</ocil:actions>	4961	··········</ocil:actions>
4980	········</ocil:questionnaire>	4962	········</ocil:questionnaire>
4981	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-private~~_browsing~~_ocil:questionnaire:1">	4963	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_deprecated_ciphers_ocil:questionnaire:1">
4982	··········<ocil:title>Fi~~refox~~·private·bro~~wsing·mus~~t·be·d~~isabl~~ed.</ocil:title>	4964	··········<ocil:title>Disable·Firefox·deprecated·ciphers</ocil:title>
4983	··········<ocil:actions>	4965	··········<ocil:actions>
4984	············<ocil:test_action_ref>ocil:ssg-firefox_policy-private~~_browsing~~_action:testaction:1</ocil:test_action_ref>	4966	············<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_deprecated_ciphers_action:testaction:1</ocil:test_action_ref>
4985	··········</ocil:actions>	4967	··········</ocil:actions>
4986	········</ocil:questionnaire>	4968	········</ocil:questionnaire>
4987	········<ocil:questionnaire·id="ocil:ssg-firefox_p~~oli~~cy-autoplay_vi~~deo~~_ocil:questionnaire:1">	4969	········<ocil:questionnaire·id="ocil:ssg-firefox_preferences-auto-download_actions_ocil:questionnaire:1">
4988	··········<ocil:title>Fi~~refox~~·autoplay·must·be·~~disabl~~ed.</ocil:title>	4970	··········<ocil:title>Disable·auto-download·for·proscribed·MIME·types.</ocil:title>
4989	··········<ocil:actions>	4971	··········<ocil:actions>
4990	············<ocil:test_action_ref>ocil:ssg-firefox_p~~oli~~cy-autoplay_vi~~deo~~_action:testaction:1</ocil:test_action_ref>	4972	············<ocil:test_action_ref>ocil:ssg-firefox_preferences-auto-download_actions_action:testaction:1</ocil:test_action_ref>
4991	··········</ocil:actions>	4973	··········</ocil:actions>
4992	········</ocil:questionnaire>	4974	········</ocil:questionnaire>
4993	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-pop-up_windows_ocil:questionnaire:1">	4975	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-pop-up_windows_ocil:questionnaire:1">
4994	··········<ocil:title>Enable·Firefox·Pop-up·Blocker</ocil:title>	4976	··········<ocil:title>Enable·Firefox·Pop-up·Blocker</ocil:title>
4995	··········<ocil:actions>	4977	··········<ocil:actions>
4996	············<ocil:test_action_ref>ocil:ssg-firefox_policy-pop-up_windows_action:testaction:1</ocil:test_action_ref>	4978	············<ocil:test_action_ref>ocil:ssg-firefox_policy-pop-up_windows_action:testaction:1</ocil:test_action_ref>
4997	··········</ocil:actions>	4979	··········</ocil:actions>
4998	········</ocil:questionnaire>	4980	········</ocil:questionnaire>
4999	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-javascript_window_changes_ocil:questionnaire:1">
5000	··········<ocil:title>Disable·JavaScript's·Raise·Or·Lower·Windows·Capability</ocil:title>
5001	··········<ocil:actions>
5002	············<ocil:test_action_ref>ocil:ssg-firefox_policy-javascript_window_changes_action:testaction:1</ocil:test_action_ref>
5003	··········</ocil:actions>
5004	········</ocil:questionnaire>
5005	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_pocket_ocil:questionnaire:1">	4981	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_pocket_ocil:questionnaire:1">
5006	··········<ocil:title>Disable·Firefox·Pocket</ocil:title>	4982	··········<ocil:title>Disable·Firefox·Pocket</ocil:title>
5007	··········<ocil:actions>	4983	··········<ocil:actions>
5008	············<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_pocket_action:testaction:1</ocil:test_action_ref>	4984	············<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_pocket_action:testaction:1</ocil:test_action_ref>
5009	··········</ocil:actions>	4985	··········</ocil:actions>
5010	········</ocil:questionnaire>	4986	········</ocil:questionnaire>
5011	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-~~dis~~able_st~~udi~~es_ocil:questionnaire:1">	4987	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-telemetry_ocil:questionnaire:1">
5012	··········<ocil:title>Disable·Firefox·~~Studi~~es</ocil:title>	4988	··········<ocil:title>Disable·Firefox·Telemetry</ocil:title>
5013	··········<ocil:actions>
5014	············<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_studies_action:testaction:1</ocil:test_action_ref>
5015	··········</ocil:actions>
5016	········</ocil:questionnaire>
5017	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-forget_button_ocil:questionnaire:1">
5018	··········<ocil:title>Firefox·must·prevent·the·user·from·quickly·deleting·data.</ocil:title>
5019	··········<ocil:actions>	4989	··········<ocil:actions>
5020	············<ocil:test_action_ref>ocil:ssg-firefox_policy-~~for~~get~~_but~~ton_action:testaction:1</ocil:test_action_ref>	4990	············<ocil:test_action_ref>ocil:ssg-firefox_policy-telemetry_action:testaction:1</ocil:test_action_ref>
5021	··········</ocil:actions>	4991	··········</ocil:actions>
5022	········</ocil:questionnaire>	4992	········</ocil:questionnaire>
5023	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-verification_ocil:questionnaire:1">	4993	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-verification_ocil:questionnaire:1">
5024	··········<ocil:title>Enable·Certificate·Verification</ocil:title>	4994	··········<ocil:title>Enable·Certificate·Verification</ocil:title>
5025	··········<ocil:actions>	4995	··········<ocil:actions>
5026	············<ocil:test_action_ref>ocil:ssg-firefox_policy-verification_action:testaction:1</ocil:test_action_ref>	4996	············<ocil:test_action_ref>ocil:ssg-firefox_policy-verification_action:testaction:1</ocil:test_action_ref>
5027	··········</ocil:actions>	4997	··········</ocil:actions>
5028	········</ocil:questionnaire>	4998	········</ocil:questionnaire>
5029	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-search_~~update~~_ocil:questionnaire:1">	4999	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-enhanced_tracking_ocil:questionnaire:1">
5030	··········<ocil:title>Disable~~·Installed·Se~~arch·~~Plug~~ins·U~~pda~~t~~e·Ch~~ecking</ocil:title>	5000	··········<ocil:title>Enabled·Firefox·Enhanced·Tracking·Protection</ocil:title>
5031	··········<ocil:actions>	5001	··········<ocil:actions>
5032	············<ocil:test_action_ref>ocil:ssg-firefox_policy-search_~~update~~_action:testaction:1</ocil:test_action_ref>	5002	············<ocil:test_action_ref>ocil:ssg-firefox_policy-enhanced_tracking_action:testaction:1</ocil:test_action_ref>
5033	··········</ocil:actions>	5003	··········</ocil:actions>
5034	········</ocil:questionnaire>	5004	········</ocil:questionnaire>
5035	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-exte~~nsion~~_update_ocil:questionnaire:1">	5005	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-autoplay_video_ocil:questionnaire:1">
5036	··········<ocil:title>Firefox·~~must·be·configured·to·not·~~auto~~matically·u~~pdate·installed·add-ons·a~~nd·~~pl~~ugi~~ns.</ocil:title>	5006	··········<ocil:title>Firefox·autoplay·must·be·disabled.</ocil:title>
5037	··········<ocil:actions>	5007	··········<ocil:actions>
5038	············<ocil:test_action_ref>ocil:ssg-firefox_policy-exte~~nsion~~_update_action:testaction:1</ocil:test_action_ref>	5008	············<ocil:test_action_ref>ocil:ssg-firefox_policy-autoplay_video_action:testaction:1</ocil:test_action_ref>
5039	··········</ocil:actions>	5009	··········</ocil:actions>
5040	········</ocil:questionnaire>	5010	········</ocil:questionnaire>
5041	········<ocil:questionnaire·id="ocil:ssg-~~installed_f~~i~~refox_vers~~ion_~~supp~~or~~ted~~_ocil:questionnaire:1">	5011	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-javascript_window_resizing_ocil:questionnaire:1">
5042	··········<ocil:title>~~Supported·Ve~~rsion·of·Fi~~refox·I~~nstal~~led~~</ocil:title>	5012	··········<ocil:title>Disable·JavaScript's·Moving·Or·Resizing·Windows·Capability</ocil:title>
5043	··········<ocil:actions>	5013	··········<ocil:actions>
5044	············<ocil:test_action_ref>ocil:ssg-~~installed_f~~i~~refox_vers~~ion_~~supp~~or~~ted~~_action:testaction:1</ocil:test_action_ref>	5014	············<ocil:test_action_ref>ocil:ssg-firefox_policy-javascript_window_resizing_action:testaction:1</ocil:test_action_ref>
5045	··········</ocil:actions>	5015	··········</ocil:actions>
5046	········</ocil:questionnaire>	5016	········</ocil:questionnaire>
5047	········<ocil:questionnaire·id="ocil:ssg-firefox_p~~referen~~ces-auto-do~~wnload_a~~ctions_ocil:questionnaire:1">	5017	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-network_prediction_ocil:questionnaire:1">
5048	··········<ocil:title>Disable·a~~uto-d~~own~~load·f~~or·p~~rosc~~ribed~~·MIM~~E·typ~~es.~~</ocil:title>	5018	··········<ocil:title>Disable·Firefox·network·prediction</ocil:title>
5049	··········<ocil:actions>	5019	··········<ocil:actions>
		5020	············<ocil:test_action_ref>ocil:ssg-firefox_policy-network_prediction_action:testaction:1</ocil:test_action_ref>
		5021	··········</ocil:actions>
		5022	········</ocil:questionnaire>
		5023	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-development_tools_ocil:questionnaire:1">
		5024	··········<ocil:title>Disable·Firefox·Development·Tools</ocil:title>
		5025	··········<ocil:actions>
5050	············<ocil:test_action_ref>ocil:ssg-firefox_p~~referen~~c~~es-aut~~o-d~~own~~lo~~ad_ac~~tions_action:testaction:1</ocil:test_action_ref>	5026	············<ocil:test_action_ref>ocil:ssg-firefox_policy-development_tools_action:testaction:1</ocil:test_action_ref>
		5027	··········</ocil:actions>
		5028	········</ocil:questionnaire>
		5029	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-forget_button_ocil:questionnaire:1">
		5030	··········<ocil:title>Firefox·must·prevent·the·user·from·quickly·deleting·data.</ocil:title>
		5031	··········<ocil:actions>
		5032	············<ocil:test_action_ref>ocil:ssg-firefox_policy-forget_button_action:testaction:1</ocil:test_action_ref>
5051	··········</ocil:actions>	5033	··········</ocil:actions>
5052	········</ocil:questionnaire>	5034	········</ocil:questionnaire>
5053	········<ocil:questionnaire·id="ocil:ssg-firefox_preferences-dod_root_certificate_installed_ocil:questionnaire:1">	5035	········<ocil:questionnaire·id="ocil:ssg-firefox_preferences-dod_root_certificate_installed_ocil:questionnaire:1">
5054	··········<ocil:title>The·DoD·Root·Certificate·Exists</ocil:title>	5036	··········<ocil:title>The·DoD·Root·Certificate·Exists</ocil:title>
5055	··········<ocil:actions>	5037	··········<ocil:actions>
5056	············<ocil:test_action_ref>ocil:ssg-firefox_preferences-dod_root_certificate_installed_action:testaction:1</ocil:test_action_ref>	5038	············<ocil:test_action_ref>ocil:ssg-firefox_preferences-dod_root_certificate_installed_action:testaction:1</ocil:test_action_ref>
5057	··········</ocil:actions>	5039	··········</ocil:actions>
5058	········</ocil:questionnaire>	5040	········</ocil:questionnaire>
5059	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-~~tele~~m~~etry~~_ocil:questionnaire:1">	5041	········<ocil:questionnaire·id="ocil:ssg-firefox_policy-cryptomining_ocil:questionnaire:1">
5060	··········<ocil:title>Disable·Firefox·~~Tele~~metry</ocil:title>	5042	··········<ocil:title>Enabled·Firefox·Cryptomining·protection</ocil:title>
5061	··········<ocil:actions>	5043	··········<ocil:actions>
5062	············<ocil:test_action_ref>ocil:ssg-firefox_policy-~~tele~~m~~etry~~_action:testaction:1</ocil:test_action_ref>	5044	············<ocil:test_action_ref>ocil:ssg-firefox_policy-cryptomining_action:testaction:1</ocil:test_action_ref>
5063	··········</ocil:actions>	5045	··········</ocil:actions>
5064	········</ocil:questionnaire>	5046	········</ocil:questionnaire>
Max diff block lines reached; 38543/49282 bytes (78.21%) of diff not shown.


Offset 3, 545 lines modified		Offset 3, 522 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.65</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.65</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>	7	····<ocil:timestamp>2022-12-20T09:54:05</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-cryptomining_ocil:questionnaire:1">
11	······<ocil:title>Enabled·Firefox·Cryptomining·protection</ocil:title>
12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-firefox_policy-cryptomining_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>
15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-development_tools_ocil:questionnaire:1">
17	······<ocil:title>Disable·Firefox·Development·Tools</ocil:title>
18	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-firefox_policy-development_tools_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>
21	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-network_prediction_ocil:questionnaire:1">
23	······<ocil:title>Disable·Firefox·network·prediction</ocil:title>
24	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-firefox_policy-network_prediction_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>
27	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-extension_recommendation_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-extension_recommendation_ocil:questionnaire:1">
29	······<ocil:title>Disabled·Firefox·Extension·Recommendations</ocil:title>	11	······<ocil:title>Disabled·Firefox·Extension·Recommendations</ocil:title>
30	······<ocil:actions>	12	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-firefox_policy-extension_recommendation_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-firefox_policy-extension_recommendation_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	14	······</ocil:actions>
33	····</ocil:questionnaire>	15	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-private~~_browsing~~_ocil:questionnaire:1">	16	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_deprecated_ciphers_ocil:questionnaire:1">
35	······<ocil:title>Fi~~refox~~·private·bro~~wsing·mus~~t·be·d~~isabl~~ed.</ocil:title>	17	······<ocil:title>Disable·Firefox·deprecated·ciphers</ocil:title>
36	······<ocil:actions>	18	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-firefox_policy-private~~_browsing~~_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_deprecated_ciphers_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	20	······</ocil:actions>
39	····</ocil:questionnaire>	21	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-firefox_p~~oli~~cy-autoplay_vi~~deo~~_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-firefox_preferences-auto-download_actions_ocil:questionnaire:1">
41	······<ocil:title>Fi~~refox~~·autoplay·must·be·~~disabl~~ed.</ocil:title>	23	······<ocil:title>Disable·auto-download·for·proscribed·MIME·types.</ocil:title>
42	······<ocil:actions>	24	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-firefox_p~~oli~~cy-autoplay_vi~~deo~~_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-firefox_preferences-auto-download_actions_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	26	······</ocil:actions>
45	····</ocil:questionnaire>	27	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-pop-up_windows_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-pop-up_windows_ocil:questionnaire:1">
47	······<ocil:title>Enable·Firefox·Pop-up·Blocker</ocil:title>	29	······<ocil:title>Enable·Firefox·Pop-up·Blocker</ocil:title>
48	······<ocil:actions>	30	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-firefox_policy-pop-up_windows_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-firefox_policy-pop-up_windows_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	32	······</ocil:actions>
51	····</ocil:questionnaire>	33	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-javascript_window_changes_ocil:questionnaire:1">
53	······<ocil:title>Disable·JavaScript's·Raise·Or·Lower·Windows·Capability</ocil:title>
54	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-firefox_policy-javascript_window_changes_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>
57	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_pocket_ocil:questionnaire:1">	34	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_pocket_ocil:questionnaire:1">
59	······<ocil:title>Disable·Firefox·Pocket</ocil:title>	35	······<ocil:title>Disable·Firefox·Pocket</ocil:title>
60	······<ocil:actions>	36	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_pocket_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_pocket_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	38	······</ocil:actions>
63	····</ocil:questionnaire>	39	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-~~dis~~able_st~~udi~~es_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-telemetry_ocil:questionnaire:1">
65	······<ocil:title>Disable·Firefox·~~Studi~~es</ocil:title>	41	······<ocil:title>Disable·Firefox·Telemetry</ocil:title>
66	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_studies_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>
69	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-forget_button_ocil:questionnaire:1">
71	······<ocil:title>Firefox·must·prevent·the·user·from·quickly·deleting·data.</ocil:title>
72	······<ocil:actions>	42	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-firefox_policy-~~for~~get~~_but~~ton_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-firefox_policy-telemetry_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	44	······</ocil:actions>
75	····</ocil:questionnaire>	45	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-verification_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-verification_ocil:questionnaire:1">
77	······<ocil:title>Enable·Certificate·Verification</ocil:title>	47	······<ocil:title>Enable·Certificate·Verification</ocil:title>
78	······<ocil:actions>	48	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-firefox_policy-verification_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-firefox_policy-verification_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	50	······</ocil:actions>
81	····</ocil:questionnaire>	51	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-search_~~update~~_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-enhanced_tracking_ocil:questionnaire:1">
83	······<ocil:title>Disable~~·Installed·Se~~arch·~~Plug~~ins·U~~pda~~t~~e·Ch~~ecking</ocil:title>	53	······<ocil:title>Enabled·Firefox·Enhanced·Tracking·Protection</ocil:title>
84	······<ocil:actions>	54	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-firefox_policy-search_~~update~~_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-firefox_policy-enhanced_tracking_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	56	······</ocil:actions>
87	····</ocil:questionnaire>	57	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-exte~~nsion~~_update_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-autoplay_video_ocil:questionnaire:1">
89	······<ocil:title>Firefox·~~must·be·configured·to·not·~~auto~~matically·u~~pdate·installed·add-ons·a~~nd·~~pl~~ugi~~ns.</ocil:title>	59	······<ocil:title>Firefox·autoplay·must·be·disabled.</ocil:title>
90	······<ocil:actions>	60	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-firefox_policy-exte~~nsion~~_update_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-firefox_policy-autoplay_video_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	62	······</ocil:actions>
93	····</ocil:questionnaire>	63	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-installed_firefox_version_supported_ocil:questionnaire:1">
95	······<ocil:~~title>Suppo~~r~~ted·Vers~~i~~on·of·F~~irefox~~·In~~st~~all~~e~~d</~~ocil:title>	64	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-javascript_window_resizing_ocil:questionnaire:1">
		65	······<ocil:title>Disable·JavaScript's·Moving·Or·Resizing·Windows·Capability</ocil:title>
96	······<ocil:actions>	66	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-~~installed_f~~i~~refox_vers~~ion_~~supp~~or~~ted~~_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-firefox_policy-javascript_window_resizing_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	68	······</ocil:actions>
99	····</ocil:questionnaire>	69	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-firefox_p~~referen~~ces-auto-do~~wnload_a~~ctions_ocil:questionnaire:1">	70	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-network_prediction_ocil:questionnaire:1">
101	······<ocil:title>Disable·a~~uto-d~~own~~load·f~~or·p~~rosc~~ribed~~·MIM~~E·typ~~es.~~</ocil:title>	71	······<ocil:title>Disable·Firefox·network·prediction</ocil:title>
102	······<ocil:actions>	72	······<ocil:actions>
		73	········<ocil:test_action_ref>ocil:ssg-firefox_policy-network_prediction_action:testaction:1</ocil:test_action_ref>
		74	······</ocil:actions>
		75	····</ocil:questionnaire>
		76	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-development_tools_ocil:questionnaire:1">
		77	······<ocil:title>Disable·Firefox·Development·Tools</ocil:title>
		78	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-firefox_p~~referen~~c~~es-aut~~o-d~~own~~lo~~ad_ac~~tions_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-firefox_policy-development_tools_action:testaction:1</ocil:test_action_ref>
		80	······</ocil:actions>
		81	····</ocil:questionnaire>
		82	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-forget_button_ocil:questionnaire:1">
		83	······<ocil:title>Firefox·must·prevent·the·user·from·quickly·deleting·data.</ocil:title>
		84	······<ocil:actions>
		85	········<ocil:test_action_ref>ocil:ssg-firefox_policy-forget_button_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	86	······</ocil:actions>
105	····</ocil:questionnaire>	87	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-firefox_preferences-dod_root_certificate_installed_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-firefox_preferences-dod_root_certificate_installed_ocil:questionnaire:1">
107	······<ocil:title>The·DoD·Root·Certificate·Exists</ocil:title>	89	······<ocil:title>The·DoD·Root·Certificate·Exists</ocil:title>
108	······<ocil:actions>	90	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-firefox_preferences-dod_root_certificate_installed_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-firefox_preferences-dod_root_certificate_installed_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	92	······</ocil:actions>
111	····</ocil:questionnaire>	93	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-~~tele~~m~~etry~~_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-cryptomining_ocil:questionnaire:1">
113	······<ocil:title>Disable·Firefox·~~Tele~~metry</ocil:title>	95	······<ocil:title>Enabled·Firefox·Cryptomining·protection</ocil:title>
114	······<ocil:actions>	96	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-firefox_policy-~~tele~~m~~etry~~_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-firefox_policy-cryptomining_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	98	······</ocil:actions>
Max diff block lines reached; 36692/46433 bytes (79.02%) of diff not shown.


Offset 38493, 24 lines modified		Offset 38493, 24 lines modified
000965c0:·723e·3c74·723e·3c74·683e·5374·7261·7465··r><tr><th>Strate		000965c0:·723e·3c74·723e·3c74·683e·5374·7261·7465··r><tr><th>Strate
000965d0:·6779·3a3c·2f74·683e·3c74·643e·636f·6e66··gy:</th><td>conf		000965d0:·6779·3a3c·2f74·683e·3c74·643e·636f·6e66··gy:</th><td>conf
000965e0:·6967·7572·653c·2f74·643e·3c2f·7472·3e3c··igure</td></tr><		000965e0:·6967·7572·653c·2f74·643e·3c2f·7472·3e3c··igure</td></tr><
000965f0:·2f74·6162·6c65·3e3c·7072·653e·3c63·6f64··/table><pre><cod		000965f0:·2f74·6162·6c65·3e3c·7072·653e·3c63·6f64··/table><pre><cod
00096600:·653e·2320·5265·6d65·6469·6174·696f·6e20··e>#·Remediation·		00096600:·653e·2320·5265·6d65·6469·6174·696f·6e20··e>#·Remediation·
00096610:·6973·2061·7070·6c69·6361·626c·6520·6f6e··is·applicable·on		00096610:·6973·2061·7070·6c69·6361·626c·6520·6f6e··is·applicable·on
00096620:·6c79·2069·6e20·6365·7274·6169·6e20·706c··ly·in·certain·pl		00096620:·6c79·2069·6e20·6365·7274·6169·6e20·706c··ly·in·certain·pl
00096630:·6174·666f·726d·730a·6966·2064·706b·672d··atforms.if·~~dpkg~~-		00096630:·6174·666f·726d·730a·6966·205b·2021·202d··atforms.if·[·!·-
		00096640:·6620·2f73·7973·2f66·6972·6d77·6172·652f··f·/sys/firmware/
00096640:·7175·6572·7920·2d2d·7368·6f77·202d·2d73··query·--show·--s
00096650:·686f·7766·6f72·6d61·743d·2724·7b64·623a··howformat='${db:
00096660:·5374·6174·7573·2d53·7461·7475·737d·5c6e··Status-Status}\n
00096670:·2720·2767·7275·6232·2d63·6f6d·6d6f·6e27··'·'grub2-common'
00096680:·2032·2667·743b·2f64·6576·2f6e·756c·6c20···2>/dev/null·
00096690:·7c20·6772·6570·202d·7120·696e·7374·616c··\|·grep·-q·instal
000966a0:·6c65·6420·2661·6d70·3b26·616d·703b·2~~05b·~~·led·&&·[		00096650:·6566·6920·5d20·2661·6d70·3b26·616d·703b··efi·]·&&
000966b0:·2021·202d·6620·2f73·7973·2f66·6972·6d77···!·-f·/sys/firmw
000966c0:·6172·652f·~~6566~~·6~~920~~·5d20·2~~661~~·6d70·3b26··~~are/efi·]·&&~~		00096660:·2064·706b·672d·7175·6572·7920·2d2d·7368···dpkg-query·--sh
		00096670:·6f77·202d·2d73·686f·7766·6f72·6d61·743d··ow·--showformat=
		00096680:·2724·7b64·623a·5374·6174·7573·2d53·7461··'${db:Status-Sta
		00096690:·7475·737d·5c6e·2720·2767·7275·6232·2d63··tus}\n'·'grub2-c
		000966a0:·6f6d·6d6f·6e27·2032·2667·743b·2f64·6576··ommon'·2>/dev
		000966b0:·2f6e·756c·6c20·7c20·6772·6570·202d·7120··/null·\|·grep·-q·
		000966c0:·696e·7374·616c·6c65·6420·2661·6d70·3b26··installed·&&
000966d0:·616d·703b·207b·205b·2021·202d·6620·2f2e··amp;·{·[·!·-f·/.		000966d0:·616d·703b·207b·205b·2021·202d·6620·2f2e··amp;·{·[·!·-f·/.
000966e0:·646f·636b·6572·656e·7620·5d20·2661·6d70··dockerenv·]·&amp		000966e0:·646f·636b·6572·656e·7620·5d20·2661·6d70··dockerenv·]·&amp
000966f0:·3b26·616d·703b·205b·2021·202d·6620·2f72··;&·[·!·-f·/r		000966f0:·3b26·616d·703b·205b·2021·202d·6620·2f72··;&·[·!·-f·/r
00096700:·756e·2f2e·636f·6e74·6169·6e65·7265·6e76··un/.containerenv		00096700:·756e·2f2e·636f·6e74·6169·6e65·7265·6e76··un/.containerenv
00096710:·205d·3b20·7d3b·2074·6865·6e0a·0a63·686f···];·};·then..cho		00096710:·205d·3b20·7d3b·2074·6865·6e0a·0a63·686f···];·};·then..cho
00096720:·776e·2030·202f·626f·6f74·2f67·7275·622f··wn·0·/boot/grub/		00096720:·776e·2030·202f·626f·6f74·2f67·7275·622f··wn·0·/boot/grub/
00096730:·6772·7562·2e63·6667·0a0a·656c·7365·0a20··grub.cfg..else.·		00096730:·6772·7562·2e63·6667·0a0a·656c·7365·0a20··grub.cfg..else.·
Offset 38571, 22 lines modified		Offset 38571, 22 lines modified
00096aa0:·0a2d·206e·616d·653a·2054·6573·7420·666f··.-·name:·Test·fo		00096aa0:·0a2d·206e·616d·653a·2054·6573·7420·666f··.-·name:·Test·fo
00096ab0:·7220·6578·6973·7465·6e63·6520·2f62·6f6f··r·existence·/boo		00096ab0:·7220·6578·6973·7465·6e63·6520·2f62·6f6f··r·existence·/boo
00096ac0:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.		00096ac0:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.
00096ad0:·2020·7374·6174·3a0a·2020·2020·7061·7468····stat:.····path		00096ad0:·2020·7374·6174·3a0a·2020·2020·7061·7468····stat:.····path
00096ae0:·3a20·2f62·6f6f·742f·6772·7562·2f67·7275··:·/boot/grub/gru		00096ae0:·3a20·2f62·6f6f·742f·6772·7562·2f67·7275··:·/boot/grub/gru
00096af0:·622e·6366·670a·2020·7265·6769·7374·6572··b.cfg.··register		00096af0:·622e·6366·670a·2020·7265·6769·7374·6572··b.cfg.··register
00096b00:·3a20·6669·6c65·5f65·7869·7374·730a·2020··:·file_exists.··		00096b00:·3a20·6669·6c65·5f65·7869·7374·730a·2020··:·file_exists.··
00096b10:·7768·656e·3a0a·2020·2d20·2722·~~677~~2·7562··when:.··-·'"~~grub~~		00096b10:·7768·656e·3a0a·2020·2d20·2722·2f62·6f6f··when:.··-·'"/boo
00096b20:·322d·636f·6d6d·6f6e·2220·696e·2061·6e73··2-common"·in·ans
00096b30:·6962·6c65·5f66·6163·7473·2e70·6163·6b61··ible_facts.packa
00096b40:·6765·7327·0a20·202d·2027·222f·626f·6f74··ges'.··-·'"/boot
00096b50:·2f65·6669·2220·6e6f·7420·696e·2061·6e73··/efi"·not·in·ans
00096b60:·6962·6c65·5f6d·6f75·6e74·7320·7c20·6d61··ible_mounts·\|·ma
00096b70:·7028·6174·7472·6962·7574·653d·226d·6f75··p(attribute="mou
00096b80:·~~6e74~~·~~2229~~·~~207c~~·206c·6973·~~7427~~·0a20·~~202d~~··~~nt")·\|~~·~~list'.~~··-		00096b20:·742f·6566·6922·206e·6f74·2069·6e20·616e··t/efi"·not·in·an
		00096b30:·7369·626c·655f·6d6f·756e·7473·207c·206d··sible_mounts·\|·m
		00096b40:·6170·2861·7474·7269·6275·7465·3d22·6d6f··ap(attribute="mo
		00096b50:·756e·7422·2920·7c20·6c69·7374·270a·2020··unt")·\|·list'.··
		00096b60:·2d20·2722·6772·7562·322d·636f·6d6d·6f6e··-·'"grub2-common
		00096b70:·2220·696e·2061·6e73·6962·6c65·5f66·6163··"·in·ansible_fac
		00096b80:·7473·2e70·6163·6b61·6765·7327·0a20·202d··ts.packages'.··-
00096b90:·2061·6e73·6962·6c65·5f76·6972·7475·616c···ansible_virtual		00096b90:·2061·6e73·6962·6c65·5f76·6972·7475·616c···ansible_virtual
00096ba0:·697a·6174·696f·6e5f·7479·7065·206e·6f74··ization_type·not		00096ba0:·697a·6174·696f·6e5f·7479·7065·206e·6f74··ization_type·not
00096bb0:·2069·6e20·5b22·646f·636b·6572·222c·2022···in·["docker",·"		00096bb0:·2069·6e20·5b22·646f·636b·6572·222c·2022···in·["docker",·"
00096bc0:·6c78·6322·2c20·226f·7065·6e76·7a22·2c20··lxc",·"openvz",·		00096bc0:·6c78·6322·2c20·226f·7065·6e76·7a22·2c20··lxc",·"openvz",·
00096bd0:·2270·6f64·6d61·6e22·2c20·2263·6f6e·7461··"podman",·"conta		00096bd0:·2270·6f64·6d61·6e22·2c20·2263·6f6e·7461··"podman",·"conta
00096be0:·696e·6572·225d·0a20·2074·6167·733a·0a20··iner"].··tags:.·		00096be0:·696e·6572·225d·0a20·2074·6167·733a·0a20··iner"].··tags:.·
00096bf0:·202d·2043·4a49·532d·352e·352e·322e·320a···-·CJIS-5.5.2.2.		00096bf0:·202d·2043·4a49·532d·352e·352e·322e·320a···-·CJIS-5.5.2.2.
Offset 38606, 22 lines modified		Offset 38606, 22 lines modified
00096cd0:·6f74·5f6e·6565·6465·640a·0a2d·206e·616d··ot_needed..-·nam		00096cd0:·6f74·5f6e·6565·6465·640a·0a2d·206e·616d··ot_needed..-·nam
00096ce0:·653a·2045·6e73·7572·6520·6f77·6e65·7220··e:·Ensure·owner·		00096ce0:·653a·2045·6e73·7572·6520·6f77·6e65·7220··e:·Ensure·owner·
00096cf0:·3020·6f6e·202f·626f·6f74·2f67·7275·622f··0·on·/boot/grub/		00096cf0:·3020·6f6e·202f·626f·6f74·2f67·7275·622f··0·on·/boot/grub/
00096d00:·6772·7562·2e63·6667·0a20·2066·696c·653a··grub.cfg.··file:		00096d00:·6772·7562·2e63·6667·0a20·2066·696c·653a··grub.cfg.··file:
00096d10:·0a20·2020·2070·6174·683a·202f·626f·6f74··.····path:·/boot		00096d10:·0a20·2020·2070·6174·683a·202f·626f·6f74··.····path:·/boot
00096d20:·2f67·7275·622f·6772·7562·2e63·6667·0a20··/grub/grub.cfg.·		00096d20:·2f67·7275·622f·6772·7562·2e63·6667·0a20··/grub/grub.cfg.·
00096d30:·2020·206f·776e·6572·3a20·2730·270a·2020·····owner:·'0'.··		00096d30:·2020·206f·776e·6572·3a20·2730·270a·2020·····owner:·'0'.··
00096d40:·7768·656e·3a0a·2020·2d20·2722·~~677~~2·7562··when:.··-·'"~~grub~~		00096d40:·7768·656e·3a0a·2020·2d20·2722·2f62·6f6f··when:.··-·'"/boo
00096d50:·322d·636f·6d6d·6f6e·2220·696e·2061·6e73··2-common"·in·ans
00096d60:·6962·6c65·5f66·6163·7473·2e70·6163·6b61··ible_facts.packa
00096d70:·6765·7327·0a20·202d·2027·222f·626f·6f74··ges'.··-·'"/boot
00096d80:·2f65·6669·2220·6e6f·7420·696e·2061·6e73··/efi"·not·in·ans
00096d90:·6962·6c65·5f6d·6f75·6e74·7320·7c20·6d61··ible_mounts·\|·ma
00096da0:·7028·6174·7472·6962·7574·653d·226d·6f75··p(attribute="mou
00096db0:·~~6e74~~·~~2229~~·~~207c~~·206c·6973·~~7427~~·0a20·~~202d~~··~~nt")·\|~~·~~list'.~~··-		00096d50:·742f·6566·6922·206e·6f74·2069·6e20·616e··t/efi"·not·in·an
		00096d60:·7369·626c·655f·6d6f·756e·7473·207c·206d··sible_mounts·\|·m
		00096d70:·6170·2861·7474·7269·6275·7465·3d22·6d6f··ap(attribute="mo
		00096d80:·756e·7422·2920·7c20·6c69·7374·270a·2020··unt")·\|·list'.··
		00096d90:·2d20·2722·6772·7562·322d·636f·6d6d·6f6e··-·'"grub2-common
		00096da0:·2220·696e·2061·6e73·6962·6c65·5f66·6163··"·in·ansible_fac
		00096db0:·7473·2e70·6163·6b61·6765·7327·0a20·202d··ts.packages'.··-
00096dc0:·2061·6e73·6962·6c65·5f76·6972·7475·616c···ansible_virtual		00096dc0:·2061·6e73·6962·6c65·5f76·6972·7475·616c···ansible_virtual
00096dd0:·697a·6174·696f·6e5f·7479·7065·206e·6f74··ization_type·not		00096dd0:·697a·6174·696f·6e5f·7479·7065·206e·6f74··ization_type·not
00096de0:·2069·6e20·5b22·646f·636b·6572·222c·2022···in·["docker",·"		00096de0:·2069·6e20·5b22·646f·636b·6572·222c·2022···in·["docker",·"
00096df0:·6c78·6322·2c20·226f·7065·6e76·7a22·2c20··lxc",·"openvz",·		00096df0:·6c78·6322·2c20·226f·7065·6e76·7a22·2c20··lxc",·"openvz",·
00096e00:·2270·6f64·6d61·6e22·2c20·2263·6f6e·7461··"podman",·"conta		00096e00:·2270·6f64·6d61·6e22·2c20·2263·6f6e·7461··"podman",·"conta
00096e10:·696e·6572·225d·0a20·202d·2066·696c·655f··iner"].··-·file_		00096e10:·696e·6572·225d·0a20·202d·2066·696c·655f··iner"].··-·file_
00096e20:·6578·6973·7473·2e73·7461·7420·6973·2064··exists.stat·is·d		00096e20:·6578·6973·7473·2e73·7461·7420·6973·2064··exists.stat·is·d
Offset 39063, 24 lines modified		Offset 39063, 24 lines modified
00098960:·3c2f·7472·3e3c·7472·3e3c·7468·3e53·7472··</tr><tr><th>Str		00098960:·3c2f·7472·3e3c·7472·3e3c·7468·3e53·7472··</tr><tr><th>Str
00098970:·6174·6567·793a·3c2f·7468·3e3c·7464·3e63··ategy:</th><td>c		00098970:·6174·6567·793a·3c2f·7468·3e3c·7464·3e63··ategy:</th><td>c
00098980:·6f6e·6669·6775·7265·3c2f·7464·3e3c·2f74··onfigure</td></t		00098980:·6f6e·6669·6775·7265·3c2f·7464·3e3c·2f74··onfigure</td></t
00098990:·723e·3c2f·7461·626c·653e·3c70·7265·3e3c··r></table><pre><		00098990:·723e·3c2f·7461·626c·653e·3c70·7265·3e3c··r></table><pre><
000989a0:·636f·6465·3e23·2052·656d·6564·6961·7469··code>#·Remediati		000989a0:·636f·6465·3e23·2052·656d·6564·6961·7469··code>#·Remediati
000989b0:·6f6e·2069·7320·6170·706c·6963·6162·6c65··on·is·applicable		000989b0:·6f6e·2069·7320·6170·706c·6963·6162·6c65··on·is·applicable
000989c0:·206f·6e6c·7920·696e·2063·6572·7461·696e···only·in·certain		000989c0:·206f·6e6c·7920·696e·2063·6572·7461·696e···only·in·certain
000989d0:·2070·6c61·7466·6f72·6d73·0a69·6620·~~647~~0···platforms.if·dp		000989d0:·2070·6c61·7466·6f72·6d73·0a69·6620·5b20···platforms.if·[·
000989e0:·6b67·2d71·7565·7279·202d·2d73·686f·7720··kg-query·--show·
000989f0:·2d2d·7368·6f77·666f·726d·6174·3d27·247b··--showformat='${
00098a00:·6462·3a53·7461·7475·732d·5374·6174·7573··db:Status-Status
00098a10:·7d5c·6e27·2027·6772·7562·322d·636f·6d6d··}\n'·'grub2-comm
00098a20:·6f6e·2720·3226·6774·3b2f·6465·762f·6e75··on'·2>/dev/nu
00098a30:·6c6c·207c·2067·7265·7020·2d71·2069·6e73··ll·\|·grep·-q·ins
00098a40:·7461·6c6c·6564·2026·616d·703b·2661·6d70··talled·&&amp
00098a50:~~·3b20·5b20~~·2120·2d66·202f·7379·732f·6669··~~;·[~~·!·-f·/sys/fi		000989e0:·2120·2d66·202f·7379·732f·6669·726d·7761··!·-f·/sys/firmwa
00098a60:~~·726d·7761~~·7265·2f65·6669·205d·2026·616d··~~rmwa~~re/efi·]·&am		000989f0:·7265·2f65·6669·205d·2026·616d·703b·2661··re/efi·]·&&a
		00098a00:·6d70·3b20·6470·6b67·2d71·7565·7279·202d··mp;·dpkg-query·-
		00098a10:·2d73·686f·7720·2d2d·7368·6f77·666f·726d··-show·--showform
		00098a20:·6174·3d27·247b·6462·3a53·7461·7475·732d··at='${db:Status-
		00098a30:·5374·6174·7573·7d5c·6e27·2027·6772·7562··Status}\n'·'grub
		00098a40:·322d·636f·6d6d·6f6e·2720·3226·6774·3b2f··2-common'·2>/
		00098a50:·6465·762f·6e75·6c6c·207c·2067·7265·7020··dev/null·\|·grep·
		00098a60:·2d71·2069·6e73·7461·6c6c·6564·2026·616d··-q·installed·&am
00098a70:·703b·2661·6d70·3b20·7b20·5b20·2120·2d66··p;&·{·[·!·-f		00098a70:·703b·2661·6d70·3b20·7b20·5b20·2120·2d66··p;&·{·[·!·-f
00098a80:·202f·2e64·6f63·6b65·7265·6e76·205d·2026···/.dockerenv·]·&		00098a80:·202f·2e64·6f63·6b65·7265·6e76·205d·2026···/.dockerenv·]·&
00098a90:·616d·703b·2661·6d70·3b20·5b20·2120·2d66··amp;&·[·!·-f		00098a90:·616d·703b·2661·6d70·3b20·5b20·2120·2d66··amp;&·[·!·-f
00098aa0:·202f·7275·6e2f·2e63·6f6e·7461·696e·6572···/run/.container		00098aa0:·202f·7275·6e2f·2e63·6f6e·7461·696e·6572···/run/.container
00098ab0:·656e·7620·5d3b·207d·3b20·7468·656e·0a0a··env·];·};·then..		00098ab0:·656e·7620·5d3b·207d·3b20·7468·656e·0a0a··env·];·};·then..
00098ac0:·6368·6d6f·6420·752d·7873·2c67·2d78·7772··chmod·u-xs,g-xwr		00098ac0:·6368·6d6f·6420·752d·7873·2c67·2d78·7772··chmod·u-xs,g-xwr
00098ad0:·732c·6f2d·7877·7274·202f·626f·6f74·2f67··s,o-xwrt·/boot/g		00098ad0:·732c·6f2d·7877·7274·202f·626f·6f74·2f67··s,o-xwrt·/boot/g
Offset 39141, 21 lines modified		Offset 39141, 21 lines modified
00098e40:·7374·2066·6f72·2065·7869·7374·656e·6365··st·for·existence		00098e40:·7374·2066·6f72·2065·7869·7374·656e·6365··st·for·existence
00098e50:·202f·626f·6f74·2f67·7275·622f·6772·7562···/boot/grub/grub		00098e50:·202f·626f·6f74·2f67·7275·622f·6772·7562···/boot/grub/grub
00098e60:·2e63·6667·0a20·2073·7461·743a·0a20·2020··.cfg.··stat:.···		00098e60:·2e63·6667·0a20·2073·7461·743a·0a20·2020··.cfg.··stat:.···
00098e70:·2070·6174·683a·202f·626f·6f74·2f67·7275···path:·/boot/gru		00098e70:·2070·6174·683a·202f·626f·6f74·2f67·7275···path:·/boot/gru
00098e80:·622f·6772·7562·2e63·6667·0a20·2072·6567··b/grub.cfg.··reg		00098e80:·622f·6772·7562·2e63·6667·0a20·2072·6567··b/grub.cfg.··reg
Max diff block lines reached; 32928/42304 bytes (77.84%) of diff not shown.


Offset 3203, 16 lines modified		Offset 3203, 16 lines modified
3203	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,	3203	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,
3204	············Req-7.1,·1.5.2	3204	············Req-7.1,·1.5.2
3205	Remediation_Shell_script_⇲	3205	Remediation_Shell_script_⇲
3206	Complexity:·low	3206	Complexity:·low
3207	Disruption:·low	3207	Disruption:·low
3208	Strategy:···configure	3208	Strategy:···configure
3209	#·Remediation·is·applicable·only·in·certain·platforms	3209	#·Remediation·is·applicable·only·in·certain·platforms
3210	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/~~null·\|·grep·-q·installed·&&·[·!~~	3210	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/
3211	-f·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	3211	null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

3212	chown·0·/boot/grub/grub.cfg	3212	chown·0·/boot/grub/grub.cfg

3213	else	3213	else
3214	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	3214	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
3215	fi	3215	fi
3216	Remediation_Ansible_snippet_⇲	3216	Remediation_Ansible_snippet_⇲
Offset 3236, 16 lines modified		Offset 3236, 16 lines modified
3236	··-·no_reboot_needed	3236	··-·no_reboot_needed

3237	-·name:·Test·for·existence·/boot/grub/grub.cfg	3237	-·name:·Test·for·existence·/boot/grub/grub.cfg
3238	··stat:	3238	··stat:
3239	····path:·/boot/grub/grub.cfg	3239	····path:·/boot/grub/grub.cfg
3240	··register:·file_exists	3240	··register:·file_exists
3241	··when:	3241	··when:
3242	··-·'"grub2-common"·in·ansible_facts.packages'
3243	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3242	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3243	··-·'"grub2-common"·in·ansible_facts.packages'
3244	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3244	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3245	··tags:	3245	··tags:
3246	··-·CJIS-5.5.2.2	3246	··-·CJIS-5.5.2.2
3247	··-·NIST-800-171-3.4.5	3247	··-·NIST-800-171-3.4.5
3248	··-·NIST-800-53-AC-6(1)	3248	··-·NIST-800-53-AC-6(1)
3249	··-·NIST-800-53-CM-6(a)	3249	··-·NIST-800-53-CM-6(a)
3250	··-·PCI-DSS-Req-7.1	3250	··-·PCI-DSS-Req-7.1
Offset 3257, 16 lines modified		Offset 3257, 16 lines modified
3257	··-·no_reboot_needed	3257	··-·no_reboot_needed

3258	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	3258	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
3259	··file:	3259	··file:
3260	····path:·/boot/grub/grub.cfg	3260	····path:·/boot/grub/grub.cfg
3261	····owner:·'0'	3261	····owner:·'0'
3262	··when:	3262	··when:
3263	··-·'"grub2-common"·in·ansible_facts.packages'
3264	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3263	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3264	··-·'"grub2-common"·in·ansible_facts.packages'
3265	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3265	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3266	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	3266	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
3267	··tags:	3267	··tags:
3268	··-·CJIS-5.5.2.2	3268	··-·CJIS-5.5.2.2
3269	··-·NIST-800-171-3.4.5	3269	··-·NIST-800-171-3.4.5
3270	··-·NIST-800-53-AC-6(1)	3270	··-·NIST-800-53-AC-6(1)
3271	··-·NIST-800-53-CM-6(a)	3271	··-·NIST-800-53-CM-6(a)
Offset 3292, 16 lines modified		Offset 3292, 16 lines modified
3292	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),	3292	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),
3293	············PR.AC-4,·PR.DS-5,·1.5.2	3293	············PR.AC-4,·PR.DS-5,·1.5.2
3294	Remediation_Shell_script_⇲	3294	Remediation_Shell_script_⇲
3295	Complexity:·low	3295	Complexity:·low
3296	Disruption:·low	3296	Disruption:·low
3297	Strategy:···configure	3297	Strategy:···configure
3298	#·Remediation·is·applicable·only·in·certain·platforms	3298	#·Remediation·is·applicable·only·in·certain·platforms
3299	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>~~/dev~~/~~null·\|·grep·-q·installed·&&~~	3299	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/
3300	~~[·!·-f~~·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	3300	dev/null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

3301	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg	3301	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg

3302	else	3302	else
3303	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	3303	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
3304	fi	3304	fi
3305	Remediation_Ansible_snippet_⇲	3305	Remediation_Ansible_snippet_⇲
Offset 3323, 16 lines modified		Offset 3323, 16 lines modified
3323	··-·no_reboot_needed	3323	··-·no_reboot_needed

3324	-·name:·Test·for·existence·/boot/grub/grub.cfg	3324	-·name:·Test·for·existence·/boot/grub/grub.cfg
3325	··stat:	3325	··stat:
3326	····path:·/boot/grub/grub.cfg	3326	····path:·/boot/grub/grub.cfg
3327	··register:·file_exists	3327	··register:·file_exists
3328	··when:	3328	··when:
3329	··-·'"grub2-common"·in·ansible_facts.packages'
3330	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3329	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3330	··-·'"grub2-common"·in·ansible_facts.packages'
3331	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3331	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3332	··tags:	3332	··tags:
3333	··-·NIST-800-171-3.4.5	3333	··-·NIST-800-171-3.4.5
3334	··-·NIST-800-53-AC-6(1)	3334	··-·NIST-800-53-AC-6(1)
3335	··-·NIST-800-53-CM-6(a)	3335	··-·NIST-800-53-CM-6(a)
3336	··-·configure_strategy	3336	··-·configure_strategy
3337	··-·file_permissions_grub2_cfg	3337	··-·file_permissions_grub2_cfg
Offset 3342, 16 lines modified		Offset 3342, 16 lines modified
3342	··-·no_reboot_needed	3342	··-·no_reboot_needed

3343	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	3343	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
3344	··file:	3344	··file:
3345	····path:·/boot/grub/grub.cfg	3345	····path:·/boot/grub/grub.cfg
3346	····mode:·u-xs,g-xwrs,o-xwrt	3346	····mode:·u-xs,g-xwrs,o-xwrt
3347	··when:	3347	··when:
3348	··-·'"grub2-common"·in·ansible_facts.packages'
3349	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3348	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3349	··-·'"grub2-common"·in·ansible_facts.packages'
3350	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3350	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3351	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	3351	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
3352	··tags:	3352	··tags:
3353	··-·NIST-800-171-3.4.5	3353	··-·NIST-800-171-3.4.5
3354	··-·NIST-800-53-AC-6(1)	3354	··-·NIST-800-53-AC-6(1)
3355	··-·NIST-800-53-CM-6(a)	3355	··-·NIST-800-53-CM-6(a)
3356	··-·configure_strategy	3356	··-·configure_strategy
Offset 10636, 14 lines modified		Offset 10636, 30 lines modified
10636	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,	10636	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,
10637	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,	10637	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,
10638	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,	10638	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,
10639	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR	10639	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR
10640	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,	10640	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,
10641	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,	10641	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,
10642	············2.2.3	10642	············2.2.3
		10643	Remediation_OSBuild_Blueprint_snippet_⇲

		10644	[customizations.services]
		10645	disabled·=·["avahi-daemon"]
		10646	Remediation_Puppet_snippet_⇲
		10647	Complexity:·low
		10648	Disruption:·low
		10649	Strategy:···enable
		10650	include·disable_avahi-daemon

		10651	class·disable_avahi-daemon·{
		10652	··service·{'avahi-daemon':
		10653	····enable·=>·false,
		10654	····ensure·=>·'stopped',
Max diff block lines reached; 2796/7875 bytes (35.50%) of diff not shown.


Offset 40057, 23 lines modified		Offset 40057, 23 lines modified
0009c780:·3e53·7472·6174·6567·793a·3c2f·7468·3e3c··>Strategy:</th><		0009c780:·3e53·7472·6174·6567·793a·3c2f·7468·3e3c··>Strategy:</th><
0009c790:·7464·3e63·6f6e·6669·6775·7265·3c2f·7464··td>configure</td		0009c790:·7464·3e63·6f6e·6669·6775·7265·3c2f·7464··td>configure</td
0009c7a0:·3e3c·2f74·723e·3c2f·7461·626c·653e·3c70··></tr></table><p		0009c7a0:·3e3c·2f74·723e·3c2f·7461·626c·653e·3c70··></tr></table><p
0009c7b0:·7265·3e3c·636f·6465·3e23·2052·656d·6564··re><code>#·Remed		0009c7b0:·7265·3e3c·636f·6465·3e23·2052·656d·6564··re><code>#·Remed
0009c7c0:·6961·7469·6f6e·2069·7320·6170·706c·6963··iation·is·applic		0009c7c0:·6961·7469·6f6e·2069·7320·6170·706c·6963··iation·is·applic
0009c7d0:·6162·6c65·206f·6e6c·7920·696e·2063·6572··able·only·in·cer		0009c7d0:·6162·6c65·206f·6e6c·7920·696e·2063·6572··able·only·in·cer
0009c7e0:·7461·696e·2070·6c61·7466·6f72·6d73·0a69··tain·platforms.i		0009c7e0:·7461·696e·2070·6c61·7466·6f72·6d73·0a69··tain·platforms.i
		0009c7f0:·6620·5b20·2120·2d66·202f·7379·732f·6669··f·[·!·-f·/sys/fi
0009c7f0:·6620·6470·6b67·2d71·7565·7279·202d·2d73··f·dpkg-query·--s
0009c800:·686f·7720·2d2d·7368·6f77·666f·726d·6174··how·--showformat
0009c810:·3d27·247b·6462·3a53·7461·7475·732d·5374··='${db:Status-St
0009c820:·6174·7573·7d5c·6e27·2027·6772·7562·322d··atus}\n'·'grub2-
0009c830:·636f·6d6d·6f6e·2720·3226·6774·3b2f·6465··common'·2>/de
0009c840:·762f·6e75·6c6c·207c·2067·7265·7020·2d71··v/null·\|·grep·-q
0009c850:·2069·6e73·7461·6c6c·6564·2026·616d·703b···installed·&
0009c860:·2661·6d70·3b20·5b20·2120·2d66·202f·7379··&·[·!·-f·/sy
0009c870:~~·732f·6669~~·726d·7761·7265·2f65·6669·205d··~~s/fi~~rmware/efi·]		0009c800:·726d·7761·7265·2f65·6669·205d·2026·616d··rmware/efi·]·&am
		0009c810:·703b·2661·6d70·3b20·6470·6b67·2d71·7565··p;&·dpkg-que
		0009c820:·7279·202d·2d73·686f·7720·2d2d·7368·6f77··ry·--show·--show
		0009c830:·666f·726d·6174·3d27·247b·6462·3a53·7461··format='${db:Sta
		0009c840:·7475·732d·5374·6174·7573·7d5c·6e27·2027··tus-Status}\n'·'
		0009c850:·6772·7562·322d·636f·6d6d·6f6e·2720·3226··grub2-common'·2&
		0009c860:·6774·3b2f·6465·762f·6e75·6c6c·207c·2067··gt;/dev/null·\|·g
		0009c870:·7265·7020·2d71·2069·6e73·7461·6c6c·6564··rep·-q·installed
0009c880:·2026·616d·703b·2661·6d70·3b20·7b20·5b20···&&·{·[·		0009c880:·2026·616d·703b·2661·6d70·3b20·7b20·5b20···&&·{·[·
0009c890:·2120·2d66·202f·2e64·6f63·6b65·7265·6e76··!·-f·/.dockerenv		0009c890:·2120·2d66·202f·2e64·6f63·6b65·7265·6e76··!·-f·/.dockerenv
0009c8a0:·205d·2026·616d·703b·2661·6d70·3b20·5b20···]·&&·[·		0009c8a0:·205d·2026·616d·703b·2661·6d70·3b20·5b20···]·&&·[·
0009c8b0:·2120·2d66·202f·7275·6e2f·2e63·6f6e·7461··!·-f·/run/.conta		0009c8b0:·2120·2d66·202f·7275·6e2f·2e63·6f6e·7461··!·-f·/run/.conta
0009c8c0:·696e·6572·656e·7620·5d3b·207d·3b20·7468··inerenv·];·};·th		0009c8c0:·696e·6572·656e·7620·5d3b·207d·3b20·7468··inerenv·];·};·th
0009c8d0:·656e·0a0a·6368·6f77·6e20·3020·2f62·6f6f··en..chown·0·/boo		0009c8d0:·656e·0a0a·6368·6f77·6e20·3020·2f62·6f6f··en..chown·0·/boo
0009c8e0:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.		0009c8e0:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.
Offset 40135, 22 lines modified		Offset 40135, 22 lines modified
0009cc60:·5465·7374·2066·6f72·2065·7869·7374·656e··Test·for·existen		0009cc60:·5465·7374·2066·6f72·2065·7869·7374·656e··Test·for·existen
0009cc70:·6365·202f·626f·6f74·2f67·7275·622f·6772··ce·/boot/grub/gr		0009cc70:·6365·202f·626f·6f74·2f67·7275·622f·6772··ce·/boot/grub/gr
0009cc80:·7562·2e63·6667·0a20·2073·7461·743a·0a20··ub.cfg.··stat:.·		0009cc80:·7562·2e63·6667·0a20·2073·7461·743a·0a20··ub.cfg.··stat:.·
0009cc90:·2020·2070·6174·683a·202f·626f·6f74·2f67·····path:·/boot/g		0009cc90:·2020·2070·6174·683a·202f·626f·6f74·2f67·····path:·/boot/g
0009cca0:·7275·622f·6772·7562·2e63·6667·0a20·2072··rub/grub.cfg.··r		0009cca0:·7275·622f·6772·7562·2e63·6667·0a20·2072··rub/grub.cfg.··r
0009ccb0:·6567·6973·7465·723a·2066·696c·655f·6578··egister:·file_ex		0009ccb0:·6567·6973·7465·723a·2066·696c·655f·6578··egister:·file_ex
0009ccc0:·6973·7473·0a20·2077·6865·6e3a·0a20·202d··ists.··when:.··-		0009ccc0:·6973·7473·0a20·2077·6865·6e3a·0a20·202d··ists.··when:.··-
		0009ccd0:·2027·222f·626f·6f74·2f65·6669·2220·6e6f···'"/boot/efi"·no
		0009cce0:·7420·696e·2061·6e73·6962·6c65·5f6d·6f75··t·in·ansible_mou
		0009ccf0:·6e74·7320·7c20·6d61·7028·6174·7472·6962··nts·\|·map(attrib
0009ccd0:·2027·2267·7275·6232·2d63·6f6d·6d6f·6e22···'"grub2-common"
0009cce0:·2069·6e20·616e·7369·626c·655f·6661·6374···in·ansible_fact
0009ccf0:·732e·7061·636b·6167·6573·270a·2020·2d20··s.packages'.··-·
0009cd00:·2722·2f62·6f6f·742f·6566·6922·206e·6f74··'"/boot/efi"·not
0009cd10:·2069·6e20·616e·7369·626c·655f·6d6f·756e···in·ansible_moun
0009cd20:·7473·207c·206d·6170·2861·7474·7269·6275··ts·\|·map(attribu
0009cd30:·7465·3d22·6d6f·756e·7422·2920·7c20·6c69··te="mount")·\|·li		0009cd00:·7574·653d·226d·6f75·6e74·2229·207c·206c··ute="mount")·\|·l
		0009cd10:·6973·7427·0a20·202d·2027·2267·7275·6232··ist'.··-·'"grub2
		0009cd20:·2d63·6f6d·6d6f·6e22·2069·6e20·616e·7369··-common"·in·ansi
		0009cd30:·626c·655f·6661·6374·732e·7061·636b·6167··ble_facts.packag
0009cd40:·7374·270a·2020·2d20·616e·7369·626c·655f··st'.··-·ansible_		0009cd40:·6573·270a·2020·2d20·616e·7369·626c·655f··es'.··-·ansible_
0009cd50:·7669·7274·7561·6c69·7a61·7469·6f6e·5f74··virtualization_t		0009cd50:·7669·7274·7561·6c69·7a61·7469·6f6e·5f74··virtualization_t
0009cd60:·7970·6520·6e6f·7420·696e·205b·2264·6f63··ype·not·in·["doc		0009cd60:·7970·6520·6e6f·7420·696e·205b·2264·6f63··ype·not·in·["doc
0009cd70:·6b65·7222·2c20·226c·7863·222c·2022·6f70··ker",·"lxc",·"op		0009cd70:·6b65·7222·2c20·226c·7863·222c·2022·6f70··ker",·"lxc",·"op
0009cd80:·656e·767a·222c·2022·706f·646d·616e·222c··envz",·"podman",		0009cd80:·656e·767a·222c·2022·706f·646d·616e·222c··envz",·"podman",
0009cd90:·2022·636f·6e74·6169·6e65·7222·5d0a·2020···"container"].··		0009cd90:·2022·636f·6e74·6169·6e65·7222·5d0a·2020···"container"].··
0009cda0:·7461·6773·3a0a·2020·2d20·434a·4953·2d35··tags:.··-·CJIS-5		0009cda0:·7461·6773·3a0a·2020·2d20·434a·4953·2d35··tags:.··-·CJIS-5
0009cdb0:·2e35·2e32·2e32·0a20·202d·204e·4953·542d··.5.2.2.··-·NIST-		0009cdb0:·2e35·2e32·2e32·0a20·202d·204e·4953·542d··.5.2.2.··-·NIST-
Offset 40170, 22 lines modified		Offset 40170, 22 lines modified
0009ce90:·0a0a·2d20·6e61·6d65·3a20·456e·7375·7265··..-·name:·Ensure		0009ce90:·0a0a·2d20·6e61·6d65·3a20·456e·7375·7265··..-·name:·Ensure
0009cea0:·206f·776e·6572·2030·206f·6e20·2f62·6f6f···owner·0·on·/boo		0009cea0:·206f·776e·6572·2030·206f·6e20·2f62·6f6f···owner·0·on·/boo
0009ceb0:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.		0009ceb0:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.
0009cec0:·2020·6669·6c65·3a0a·2020·2020·7061·7468····file:.····path		0009cec0:·2020·6669·6c65·3a0a·2020·2020·7061·7468····file:.····path
0009ced0:·3a20·2f62·6f6f·742f·6772·7562·2f67·7275··:·/boot/grub/gru		0009ced0:·3a20·2f62·6f6f·742f·6772·7562·2f67·7275··:·/boot/grub/gru
0009cee0:·622e·6366·670a·2020·2020·6f77·6e65·723a··b.cfg.····owner:		0009cee0:·622e·6366·670a·2020·2020·6f77·6e65·723a··b.cfg.····owner:
0009cef0:·2027·3027·0a20·2077·6865·6e3a·0a20·202d···'0'.··when:.··-		0009cef0:·2027·3027·0a20·2077·6865·6e3a·0a20·202d···'0'.··when:.··-
		0009cf00:·2027·222f·626f·6f74·2f65·6669·2220·6e6f···'"/boot/efi"·no
		0009cf10:·7420·696e·2061·6e73·6962·6c65·5f6d·6f75··t·in·ansible_mou
		0009cf20:·6e74·7320·7c20·6d61·7028·6174·7472·6962··nts·\|·map(attrib
0009cf00:·2027·2267·7275·6232·2d63·6f6d·6d6f·6e22···'"grub2-common"
0009cf10:·2069·6e20·616e·7369·626c·655f·6661·6374···in·ansible_fact
0009cf20:·732e·7061·636b·6167·6573·270a·2020·2d20··s.packages'.··-·
0009cf30:·2722·2f62·6f6f·742f·6566·6922·206e·6f74··'"/boot/efi"·not
0009cf40:·2069·6e20·616e·7369·626c·655f·6d6f·756e···in·ansible_moun
0009cf50:·7473·207c·206d·6170·2861·7474·7269·6275··ts·\|·map(attribu
0009cf60:·7465·3d22·6d6f·756e·7422·2920·7c20·6c69··te="mount")·\|·li		0009cf30:·7574·653d·226d·6f75·6e74·2229·207c·206c··ute="mount")·\|·l
		0009cf40:·6973·7427·0a20·202d·2027·2267·7275·6232··ist'.··-·'"grub2
		0009cf50:·2d63·6f6d·6d6f·6e22·2069·6e20·616e·7369··-common"·in·ansi
		0009cf60:·626c·655f·6661·6374·732e·7061·636b·6167··ble_facts.packag
0009cf70:·7374·270a·2020·2d20·616e·7369·626c·655f··st'.··-·ansible_		0009cf70:·6573·270a·2020·2d20·616e·7369·626c·655f··es'.··-·ansible_
0009cf80:·7669·7274·7561·6c69·7a61·7469·6f6e·5f74··virtualization_t		0009cf80:·7669·7274·7561·6c69·7a61·7469·6f6e·5f74··virtualization_t
0009cf90:·7970·6520·6e6f·7420·696e·205b·2264·6f63··ype·not·in·["doc		0009cf90:·7970·6520·6e6f·7420·696e·205b·2264·6f63··ype·not·in·["doc
0009cfa0:·6b65·7222·2c20·226c·7863·222c·2022·6f70··ker",·"lxc",·"op		0009cfa0:·6b65·7222·2c20·226c·7863·222c·2022·6f70··ker",·"lxc",·"op
0009cfb0:·656e·767a·222c·2022·706f·646d·616e·222c··envz",·"podman",		0009cfb0:·656e·767a·222c·2022·706f·646d·616e·222c··envz",·"podman",
0009cfc0:·2022·636f·6e74·6169·6e65·7222·5d0a·2020···"container"].··		0009cfc0:·2022·636f·6e74·6169·6e65·7222·5d0a·2020···"container"].··
0009cfd0:·2d20·6669·6c65·5f65·7869·7374·732e·7374··-·file_exists.st		0009cfd0:·2d20·6669·6c65·5f65·7869·7374·732e·7374··-·file_exists.st
0009cfe0:·6174·2069·7320·6465·6669·6e65·6420·616e··at·is·defined·an		0009cfe0:·6174·2069·7320·6465·6669·6e65·6420·616e··at·is·defined·an
Offset 40627, 24 lines modified		Offset 40627, 24 lines modified
0009eb20:·3c74·683e·5374·7261·7465·6779·3a3c·2f74··<th>Strategy:</t		0009eb20:·3c74·683e·5374·7261·7465·6779·3a3c·2f74··<th>Strategy:</t
0009eb30:·683e·3c74·643e·636f·6e66·6967·7572·653c··h><td>configure<		0009eb30:·683e·3c74·643e·636f·6e66·6967·7572·653c··h><td>configure<
0009eb40:·2f74·643e·3c2f·7472·3e3c·2f74·6162·6c65··/td></tr></table		0009eb40:·2f74·643e·3c2f·7472·3e3c·2f74·6162·6c65··/td></tr></table
0009eb50:·3e3c·7072·653e·3c63·6f64·653e·2320·5265··><pre><code>#·Re		0009eb50:·3e3c·7072·653e·3c63·6f64·653e·2320·5265··><pre><code>#·Re
0009eb60:·6d65·6469·6174·696f·6e20·6973·2061·7070··mediation·is·app		0009eb60:·6d65·6469·6174·696f·6e20·6973·2061·7070··mediation·is·app
0009eb70:·6c69·6361·626c·6520·6f6e·6c79·2069·6e20··licable·only·in·		0009eb70:·6c69·6361·626c·6520·6f6e·6c79·2069·6e20··licable·only·in·
0009eb80:·6365·7274·6169·6e20·706c·6174·666f·726d··certain·platform		0009eb80:·6365·7274·6169·6e20·706c·6174·666f·726d··certain·platform
		0009eb90:·730a·6966·205b·2021·202d·6620·2f73·7973··s.if·[·!·-f·/sys
0009eb90:·730a·6966·2064·706b·672d·7175·6572·7920··s.if·dpkg-query·
0009eba0:·2d2d·7368·6f77·202d·2d73·686f·7766·6f72··--show·--showfor
0009ebb0:·6d61·743d·2724·7b64·623a·5374·6174·7573··mat='${db:Status
0009ebc0:·2d53·7461·7475·737d·5c6e·2720·2767·7275··-Status}\n'·'gru
0009ebd0:·6232·2d63·6f6d·6d6f·6e27·2032·2667·743b··b2-common'·2>
0009ebe0:·2f64·6576·2f6e·756c·6c20·7c20·6772·6570··/dev/null·\|·grep
0009ebf0:·202d·7120·696e·7374·616c·6c65·6420·2661···-q·installed·&a
0009ec00:·6d70·3b26·616d·703b·205b·2021·202d·6620··mp;&·[·!·-f·
0009ec10:~~·2f73·7973~~·2f66·6972·6d77·6172·652f·6566··~~/sys~~/firmware/ef		0009eba0:·2f66·6972·6d77·6172·652f·6566·6920·5d20··/firmware/efi·]·
		0009ebb0:·2661·6d70·3b26·616d·703b·2064·706b·672d··&&·dpkg-
		0009ebc0:·7175·6572·7920·2d2d·7368·6f77·202d·2d73··query·--show·--s
		0009ebd0:·686f·7766·6f72·6d61·743d·2724·7b64·623a··howformat='${db:
		0009ebe0:·5374·6174·7573·2d53·7461·7475·737d·5c6e··Status-Status}\n
		0009ebf0:·2720·2767·7275·6232·2d63·6f6d·6d6f·6e27··'·'grub2-common'
		0009ec00:·2032·2667·743b·2f64·6576·2f6e·756c·6c20···2>/dev/null·
		0009ec10:·7c20·6772·6570·202d·7120·696e·7374·616c··\|·grep·-q·instal
0009ec20:·6~~920~~·5d20·2661·6d70·3b26·616d·703b·207b··~~i·]~~·&&·{		0009ec20:·6c65·6420·2661·6d70·3b26·616d·703b·207b··led·&&·{
0009ec30:·205b·2021·202d·6620·2f2e·646f·636b·6572···[·!·-f·/.docker		0009ec30:·205b·2021·202d·6620·2f2e·646f·636b·6572···[·!·-f·/.docker
0009ec40:·656e·7620·5d20·2661·6d70·3b26·616d·703b··env·]·&&		0009ec40:·656e·7620·5d20·2661·6d70·3b26·616d·703b··env·]·&&
0009ec50:·205b·2021·202d·6620·2f72·756e·2f2e·636f···[·!·-f·/run/.co		0009ec50:·205b·2021·202d·6620·2f72·756e·2f2e·636f···[·!·-f·/run/.co
0009ec60:·6e74·6169·6e65·7265·6e76·205d·3b20·7d3b··ntainerenv·];·};		0009ec60:·6e74·6169·6e65·7265·6e76·205d·3b20·7d3b··ntainerenv·];·};
0009ec70:·2074·6865·6e0a·0a63·686d·6f64·2075·2d78···then..chmod·u-x		0009ec70:·2074·6865·6e0a·0a63·686d·6f64·2075·2d78···then..chmod·u-x
0009ec80:·732c·672d·7877·7273·2c6f·2d78·7772·7420··s,g-xwrs,o-xwrt·		0009ec80:·732c·672d·7877·7273·2c6f·2d78·7772·7420··s,g-xwrs,o-xwrt·
0009ec90:·2f62·6f6f·742f·6772·7562·2f67·7275·622e··/boot/grub/grub.		0009ec90:·2f62·6f6f·742f·6772·7562·2f67·7275·622e··/boot/grub/grub.
Offset 40704, 22 lines modified		Offset 40704, 22 lines modified
0009eff0:·616d·653a·2054·6573·7420·666f·7220·6578··ame:·Test·for·ex		0009eff0:·616d·653a·2054·6573·7420·666f·7220·6578··ame:·Test·for·ex
0009f000:·6973·7465·6e63·6520·2f62·6f6f·742f·6772··istence·/boot/gr		0009f000:·6973·7465·6e63·6520·2f62·6f6f·742f·6772··istence·/boot/gr
0009f010:·7562·2f67·7275·622e·6366·670a·2020·7374··ub/grub.cfg.··st		0009f010:·7562·2f67·7275·622e·6366·670a·2020·7374··ub/grub.cfg.··st
0009f020:·6174·3a0a·2020·2020·7061·7468·3a20·2f62··at:.····path:·/b		0009f020:·6174·3a0a·2020·2020·7061·7468·3a20·2f62··at:.····path:·/b
Max diff block lines reached; 18753/27922 bytes (67.16%) of diff not shown.


Offset 3439, 16 lines modified		Offset 3439, 16 lines modified
3439	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,	3439	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,
3440	············Req-7.1,·1.5.2	3440	············Req-7.1,·1.5.2
3441	Remediation_Shell_script_⇲	3441	Remediation_Shell_script_⇲
3442	Complexity:·low	3442	Complexity:·low
3443	Disruption:·low	3443	Disruption:·low
3444	Strategy:···configure	3444	Strategy:···configure
3445	#·Remediation·is·applicable·only·in·certain·platforms	3445	#·Remediation·is·applicable·only·in·certain·platforms
3446	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/~~null·\|·grep·-q·installed·&&·[·!~~	3446	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/
3447	-f·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	3447	null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

3448	chown·0·/boot/grub/grub.cfg	3448	chown·0·/boot/grub/grub.cfg

3449	else	3449	else
3450	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	3450	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
3451	fi	3451	fi
3452	Remediation_Ansible_snippet_⇲	3452	Remediation_Ansible_snippet_⇲
Offset 3472, 16 lines modified		Offset 3472, 16 lines modified
3472	··-·no_reboot_needed	3472	··-·no_reboot_needed

3473	-·name:·Test·for·existence·/boot/grub/grub.cfg	3473	-·name:·Test·for·existence·/boot/grub/grub.cfg
3474	··stat:	3474	··stat:
3475	····path:·/boot/grub/grub.cfg	3475	····path:·/boot/grub/grub.cfg
3476	··register:·file_exists	3476	··register:·file_exists
3477	··when:	3477	··when:
3478	··-·'"grub2-common"·in·ansible_facts.packages'
3479	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3478	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3479	··-·'"grub2-common"·in·ansible_facts.packages'
3480	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3480	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3481	··tags:	3481	··tags:
3482	··-·CJIS-5.5.2.2	3482	··-·CJIS-5.5.2.2
3483	··-·NIST-800-171-3.4.5	3483	··-·NIST-800-171-3.4.5
3484	··-·NIST-800-53-AC-6(1)	3484	··-·NIST-800-53-AC-6(1)
3485	··-·NIST-800-53-CM-6(a)	3485	··-·NIST-800-53-CM-6(a)
3486	··-·PCI-DSS-Req-7.1	3486	··-·PCI-DSS-Req-7.1
Offset 3493, 16 lines modified		Offset 3493, 16 lines modified
3493	··-·no_reboot_needed	3493	··-·no_reboot_needed

3494	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	3494	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
3495	··file:	3495	··file:
3496	····path:·/boot/grub/grub.cfg	3496	····path:·/boot/grub/grub.cfg
3497	····owner:·'0'	3497	····owner:·'0'
3498	··when:	3498	··when:
3499	··-·'"grub2-common"·in·ansible_facts.packages'
3500	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3499	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3500	··-·'"grub2-common"·in·ansible_facts.packages'
3501	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3501	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3502	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	3502	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
3503	··tags:	3503	··tags:
3504	··-·CJIS-5.5.2.2	3504	··-·CJIS-5.5.2.2
3505	··-·NIST-800-171-3.4.5	3505	··-·NIST-800-171-3.4.5
3506	··-·NIST-800-53-AC-6(1)	3506	··-·NIST-800-53-AC-6(1)
3507	··-·NIST-800-53-CM-6(a)	3507	··-·NIST-800-53-CM-6(a)
Offset 3528, 16 lines modified		Offset 3528, 16 lines modified
3528	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),	3528	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),
3529	············PR.AC-4,·PR.DS-5,·1.5.2	3529	············PR.AC-4,·PR.DS-5,·1.5.2
3530	Remediation_Shell_script_⇲	3530	Remediation_Shell_script_⇲
3531	Complexity:·low	3531	Complexity:·low
3532	Disruption:·low	3532	Disruption:·low
3533	Strategy:···configure	3533	Strategy:···configure
3534	#·Remediation·is·applicable·only·in·certain·platforms	3534	#·Remediation·is·applicable·only·in·certain·platforms
3535	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>~~/dev~~/~~null·\|·grep·-q·installed·&&~~	3535	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/
3536	~~[·!·-f~~·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	3536	dev/null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

3537	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg	3537	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg

3538	else	3538	else
3539	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	3539	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
3540	fi	3540	fi
3541	Remediation_Ansible_snippet_⇲	3541	Remediation_Ansible_snippet_⇲
Offset 3559, 16 lines modified		Offset 3559, 16 lines modified
3559	··-·no_reboot_needed	3559	··-·no_reboot_needed

3560	-·name:·Test·for·existence·/boot/grub/grub.cfg	3560	-·name:·Test·for·existence·/boot/grub/grub.cfg
3561	··stat:	3561	··stat:
3562	····path:·/boot/grub/grub.cfg	3562	····path:·/boot/grub/grub.cfg
3563	··register:·file_exists	3563	··register:·file_exists
3564	··when:	3564	··when:
3565	··-·'"grub2-common"·in·ansible_facts.packages'
3566	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3565	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3566	··-·'"grub2-common"·in·ansible_facts.packages'
3567	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3567	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3568	··tags:	3568	··tags:
3569	··-·NIST-800-171-3.4.5	3569	··-·NIST-800-171-3.4.5
3570	··-·NIST-800-53-AC-6(1)	3570	··-·NIST-800-53-AC-6(1)
3571	··-·NIST-800-53-CM-6(a)	3571	··-·NIST-800-53-CM-6(a)
3572	··-·configure_strategy	3572	··-·configure_strategy
3573	··-·file_permissions_grub2_cfg	3573	··-·file_permissions_grub2_cfg
Offset 3578, 16 lines modified		Offset 3578, 16 lines modified
3578	··-·no_reboot_needed	3578	··-·no_reboot_needed

3579	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	3579	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
3580	··file:	3580	··file:
3581	····path:·/boot/grub/grub.cfg	3581	····path:·/boot/grub/grub.cfg
3582	····mode:·u-xs,g-xwrs,o-xwrt	3582	····mode:·u-xs,g-xwrs,o-xwrt
3583	··when:	3583	··when:
3584	··-·'"grub2-common"·in·ansible_facts.packages'
3585	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3584	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3585	··-·'"grub2-common"·in·ansible_facts.packages'
3586	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3586	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3587	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	3587	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
3588	··tags:	3588	··tags:
3589	··-·NIST-800-171-3.4.5	3589	··-·NIST-800-171-3.4.5
3590	··-·NIST-800-53-AC-6(1)	3590	··-·NIST-800-53-AC-6(1)
3591	··-·NIST-800-53-CM-6(a)	3591	··-·NIST-800-53-CM-6(a)
3592	··-·configure_strategy	3592	··-·configure_strategy
Offset 10544, 14 lines modified		Offset 10544, 30 lines modified
10544	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,	10544	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,
10545	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,	10545	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,
10546	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,	10546	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,
10547	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR	10547	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR
10548	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,	10548	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,
10549	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,	10549	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,
10550	············2.2.3	10550	············2.2.3
		10551	Remediation_OSBuild_Blueprint_snippet_⇲

		10552	[customizations.services]
		10553	disabled·=·["avahi-daemon"]
		10554	Remediation_Puppet_snippet_⇲
		10555	Complexity:·low
		10556	Disruption:·low
		10557	Strategy:···enable
		10558	include·disable_avahi-daemon

		10559	class·disable_avahi-daemon·{
		10560	··service·{'avahi-daemon':
		10561	····enable·=>·false,
		10562	····ensure·=>·'stopped',
Max diff block lines reached; 877/5956 bytes (14.72%) of diff not shown.


Offset 41121, 25 lines modified		Offset 41121, 25 lines modified
000a0a00:·6c61·7373·3d22·7061·6e65·6c2d·636f·6c6c··lass="panel-coll		000a0a00:·6c61·7373·3d22·7061·6e65·6c2d·636f·6c6c··lass="panel-coll
000a0a10:·6170·7365·2063·6f6c·6c61·7073·6522·2069··apse·collapse"·i		000a0a10:·6170·7365·2063·6f6c·6c61·7073·6522·2069··apse·collapse"·i
000a0a20:·643d·2269·646d·3132·3637·3822·3e3c·7072··d="idm12678"><pr		000a0a20:·643d·2269·646d·3132·3637·3822·3e3c·7072··d="idm12678"><pr
000a0a30:·653e·3c63·6f64·653e·2320·5265·6d65·6469··e><code>#·Remedi		000a0a30:·653e·3c63·6f64·653e·2320·5265·6d65·6469··e><code>#·Remedi
000a0a40:·6174·696f·6e20·6973·2061·7070·6c69·6361··ation·is·applica		000a0a40:·6174·696f·6e20·6973·2061·7070·6c69·6361··ation·is·applica
000a0a50:·626c·6520·6f6e·6c79·2069·6e20·6365·7274··ble·only·in·cert		000a0a50:·626c·6520·6f6e·6c79·2069·6e20·6365·7274··ble·only·in·cert
000a0a60:·6169·6e20·706c·6174·666f·726d·730a·6966··ain·platforms.if		000a0a60:·6169·6e20·706c·6174·666f·726d·730a·6966··ain·platforms.if
		000a0a70:·2064·706b·672d·7175·6572·7920·2d2d·7368···dpkg-query·--sh
		000a0a80:·6f77·202d·2d73·686f·7766·6f72·6d61·743d··ow·--showformat=
		000a0a90:·2724·7b64·623a·5374·6174·7573·2d53·7461··'${db:Status-Sta
		000a0aa0:·7475·737d·5c6e·2720·2761·7564·6974·6427··tus}\n'·'auditd'
		000a0ab0:·2032·2667·743b·2f64·6576·2f6e·756c·6c20···2>/dev/null·
		000a0ac0:·7c20·6772·6570·202d·7120·696e·7374·616c··\|·grep·-q·instal
		000a0ad0:·6c65·6420·2661·6d70·3b26·616d·703b·205b··led·&&·[
000a0a70:~~·205b~~·2021·202d·6620·2f2e·646f·636b·6572···[·!·-f·/.docker		000a0ae0:·2021·202d·6620·2f2e·646f·636b·6572·656e···!·-f·/.dockeren
000a0a80:~~·656e~~·7620·5d20·2661·6d70·3b26·616d·703b·~~·en~~v·]·&&		000a0af0:·7620·5d20·2661·6d70·3b26·616d·703b·205b··v·]·&&·[
000a0a90~~:·2~~05b·2021·202d·6620·2f72·756e·2f2e·636f···[·!·-f·/run/.co		000a0b00:·2021·202d·6620·2f72·756e·2f2e·636f·6e74···!·-f·/run/.cont
000a0aa0:~~·6e74~~·6169·6e65·7265·6e76·205d·2026·616d··ntainerenv·]·~~&am~~		000a0b10:·6169·6e65·7265·6e76·205d·3b20·7468·656e··ainerenv·];·then
000a0ab0:·703b·2661·6d70·3b20·6470·6b67·2d71·7565··p;&·dpkg-que
000a0ac0:·7279·202d·2d73·686f·7720·2d2d·7368·6f77··ry·--show·--show
000a0ad0:·666f·726d·6174·3d27·247b·6462·3a53·7461··format='${db:Sta
000a0ae0:·7475·732d·5374·6174·7573·7d5c·6e27·2027··tus-Status}\n'·'
000a0af0:·6175·6469·7464·2720·3226·6774·3b2f·6465··auditd'·2>/de
000a0b00:·762f·6e75·6c6c·207c·2067·7265·7020·2d71··v/null·\|·grep·-q
000a0b10:·2069·6e73·7461·6c6c·6564·3b20·7468·656e···installed;·then
000a0b20:·0a0a·2320·4669·7273·7420·7065·7266·6f72··..#·First·perfor		000a0b20:·0a0a·2320·4669·7273·7420·7065·7266·6f72··..#·First·perfor
000a0b30:·6d20·7468·6520·7265·6d65·6469·6174·696f··m·the·remediatio		000a0b30:·6d20·7468·6520·7265·6d65·6469·6174·696f··m·the·remediatio
000a0b40:·6e20·6f66·2074·6865·2073·7973·6361·6c6c··n·of·the·syscall		000a0b40:·6e20·6f66·2074·6865·2073·7973·6361·6c6c··n·of·the·syscall
000a0b50:·2072·756c·650a·2320·5265·7472·6965·7665···rule.#·Retrieve		000a0b50:·2072·756c·650a·2320·5265·7472·6965·7665···rule.#·Retrieve
000a0b60:·2068·6172·6477·6172·6520·6172·6368·6974···hardware·archit		000a0b60:·2068·6172·6477·6172·6520·6172·6368·6974···hardware·archit
000a0b70:·6563·7475·7265·206f·6620·7468·6520·756e··ecture·of·the·un		000a0b70:·6563·7475·7265·206f·6620·7468·6520·756e··ecture·of·the·un
000a0b80:·6465·726c·7969·6e67·2073·7973·7465·6d0a··derlying·system.		000a0b80:·6465·726c·7969·6e67·2073·7973·7465·6d0a··derlying·system.
Offset 42019, 23 lines modified		Offset 42019, 23 lines modified
000a4220:·6571·7569·7265·640a·2020·2d20·7265·7374··equired.··-·rest		000a4220:·6571·7569·7265·640a·2020·2d20·7265·7374··equired.··-·rest
000a4230:·7269·6374·5f73·7472·6174·6567·790a·0a2d··rict_strategy..-		000a4230:·7269·6374·5f73·7472·6174·6567·790a·0a2d··rict_strategy..-
000a4240:·206e·616d·653a·2053·6574·2061·7263·6869···name:·Set·archi		000a4240:·206e·616d·653a·2053·6574·2061·7263·6869···name:·Set·archi
000a4250:·7465·6374·7572·6520·666f·7220·6175·6469··tecture·for·audi		000a4250:·7465·6374·7572·6520·666f·7220·6175·6469··tecture·for·audi
000a4260:·7420·6368·6d6f·6420·7461·736b·730a·2020··t·chmod·tasks.··		000a4260:·7420·6368·6d6f·6420·7461·736b·730a·2020··t·chmod·tasks.··
000a4270:·7365·745f·6661·6374·3a0a·2020·2020·6175··set_fact:.····au		000a4270:·7365·745f·6661·6374·3a0a·2020·2020·6175··set_fact:.····au
000a4280:·6469·745f·6172·6368·3a20·6236·340a·2020··dit_arch:·b64.··		000a4280:·6469·745f·6172·6368·3a20·6236·340a·2020··dit_arch:·b64.··
000a4290:·7768·656e·3a0a·2020·2d20·~~616e~~·~~7369~~·626c··when:.··-·~~ansibl~~		000a4290:·7768·656e·3a0a·2020·2d20·2722·6175·6469··when:.··-·'"audi
000a42a0:·655f·7669·7274·7561·6c69·7a61·7469·6f6e··e_virtualization
000a42b0:·5f74·7970·6520·6e6f·7420·696e·205b·2264··_type·not·in·["d
000a42c0:·6f63·6b65·7222·2c20·226c·7863·222c·2022··ocker",·"lxc",·"
000a42d0:·6f70·656e·767a·222c·2022·706f·646d·616e··openvz",·"podman
000a42e0:·222c·2022·636f·6e74·6169·6e65·7222·5d0a··",·"container"].
000a42f0:·2020·2d20·2722·6175·6469·7464·2220·696e····-·'"auditd"·in
000a4300:·2061·6e73·6962·6c65·5f66·6163·7473·2e70···ansible_facts.p
000a4310:·6163·~~6b61~~·6765·~~7327~~·~~0a20~~·~~202d~~·2061·~~6e73~~··~~ackages'.··-·ans~~		000a42a0:·7464·2220·696e·2061·6e73·6962·6c65·5f66··td"·in·ansible_f
		000a42b0:·6163·7473·2e70·6163·6b61·6765·7327·0a20··acts.packages'.·
		000a42c0:·202d·2061·6e73·6962·6c65·5f76·6972·7475···-·ansible_virtu
		000a42d0:·616c·697a·6174·696f·6e5f·7479·7065·206e··alization_type·n
		000a42e0:·6f74·2069·6e20·5b22·646f·636b·6572·222c··ot·in·["docker",
		000a42f0:·2022·6c78·6322·2c20·226f·7065·6e76·7a22···"lxc",·"openvz"
		000a4300:·2c20·2270·6f64·6d61·6e22·2c20·2263·6f6e··,·"podman",·"con
		000a4310:·7461·696e·6572·225d·0a20·202d·2061·6e73··tainer"].··-·ans
000a4320:·6962·6c65·5f61·7263·6869·7465·6374·7572··ible_architectur		000a4320:·6962·6c65·5f61·7263·6869·7465·6374·7572··ible_architectur
000a4330:·6520·3d3d·2022·6161·7263·6836·3422·206f··e·==·"aarch64"·o		000a4330:·6520·3d3d·2022·6161·7263·6836·3422·206f··e·==·"aarch64"·o
000a4340:·7220·616e·7369·626c·655f·6172·6368·6974··r·ansible_archit		000a4340:·7220·616e·7369·626c·655f·6172·6368·6974··r·ansible_archit
000a4350:·6563·7475·7265·203d·3d20·2270·7063·3634··ecture·==·"ppc64		000a4350:·6563·7475·7265·203d·3d20·2270·7063·3634··ecture·==·"ppc64
000a4360:·2220·6f72·2061·6e73·6962·6c65·5f61·7263··"·or·ansible_arc		000a4360:·2220·6f72·2061·6e73·6962·6c65·5f61·7263··"·or·ansible_arc
000a4370:·6869·7465·6374·7572·650a·2020·2020·3d3d··hitecture.····==		000a4370:·6869·7465·6374·7572·650a·2020·2020·3d3d··hitecture.····==
000a4380:·2022·7070·6336·346c·6522·206f·7220·616e···"ppc64le"·or·an		000a4380:·2022·7070·6336·346c·6522·206f·7220·616e···"ppc64le"·or·an
Offset 42342, 23 lines modified		Offset 42342, 23 lines modified
000a5650:·202d·4620·6b65·793d·7065·726d·5f6d·6f64···-F·key=perm_mod		000a5650:·202d·4620·6b65·793d·7065·726d·5f6d·6f64···-F·key=perm_mod
000a5660:·0a20·2020·2020·2063·7265·6174·653a·2074··.······create:·t		000a5660:·0a20·2020·2020·2063·7265·6174·653a·2074··.······create:·t
000a5670:·7275·650a·2020·2020·2020·6d6f·6465·3a20··rue.······mode:·		000a5670:·7275·650a·2020·2020·2020·6d6f·6465·3a20··rue.······mode:·
000a5680:·6f2d·7277·780a·2020·2020·2020·7374·6174··o-rwx.······stat		000a5680:·6f2d·7277·780a·2020·2020·2020·7374·6174··o-rwx.······stat
000a5690:·653a·2070·7265·7365·6e74·0a20·2020·2077··e:·present.····w		000a5690:·653a·2070·7265·7365·6e74·0a20·2020·2077··e:·present.····w
000a56a0:·6865·6e3a·2073·7973·6361·6c6c·735f·666f··hen:·syscalls_fo		000a56a0:·6865·6e3a·2073·7973·6361·6c6c·735f·666f··hen:·syscalls_fo
000a56b0:·756e·6420·7c20·6c65·6e67·7468·203d·3d20··und·\|·length·==·		000a56b0:·756e·6420·7c20·6c65·6e67·7468·203d·3d20··und·\|·length·==·
000a56c0:·300a·2020·7768·656e·3a0a·2020·2d20·~~616e~~··0.··when:.··-·an		000a56c0:·300a·2020·7768·656e·3a0a·2020·2d20·2722··0.··when:.··-·'"
000a56d0:·7369·626c·655f·7669·7274·7561·6c69·7a61··sible_virtualiza
000a56e0:·7469·6f6e·5f74·7970·6520·6e6f·7420·696e··tion_type·not·in
000a56f0:·205b·2264·6f63·6b65·7222·2c20·226c·7863···["docker",·"lxc
000a5700:·222c·2022·6f70·656e·767a·222c·2022·706f··",·"openvz",·"po
000a5710:·646d·616e·222c·2022·636f·6e74·6169·6e65··dman",·"containe
000a5720:·7222·5d0a·2020·2d20·2722·6175·6469·7464··r"].··-·'"auditd
000a5730:·2220·696e·2061·6e73·6962·6c65·5f66·6163··"·in·ansible_fac
000a5740:·7473·~~2e70~~·6163·~~6b61~~·6765·~~7327~~·~~0a20~~·~~2074~~··~~ts.packages'.··t~~		000a56d0:·6175·6469·7464·2220·696e·2061·6e73·6962··auditd"·in·ansib
		000a56e0:·6c65·5f66·6163·7473·2e70·6163·6b61·6765··le_facts.package
		000a56f0:·7327·0a20·202d·2061·6e73·6962·6c65·5f76··s'.··-·ansible_v
		000a5700:·6972·7475·616c·697a·6174·696f·6e5f·7479··irtualization_ty
		000a5710:·7065·206e·6f74·2069·6e20·5b22·646f·636b··pe·not·in·["dock
		000a5720:·6572·222c·2022·6c78·6322·2c20·226f·7065··er",·"lxc",·"ope
		000a5730:·6e76·7a22·2c20·2270·6f64·6d61·6e22·2c20··nvz",·"podman",·
		000a5740:·2263·6f6e·7461·696e·6572·225d·0a20·2074··"container"].··t
000a5750:·6167·733a·0a20·202d·2043·4a49·532d·352e··ags:.··-·CJIS-5.		000a5750:·6167·733a·0a20·202d·2043·4a49·532d·352e··ags:.··-·CJIS-5.
000a5760:·342e·312e·310a·2020·2d20·4449·5341·2d53··4.1.1.··-·DISA-S		000a5760:·342e·312e·310a·2020·2d20·4449·5341·2d53··4.1.1.··-·DISA-S
000a5770:·5449·472d·5542·5455·2d32·302d·3031·3031··TIG-UBTU-20-0101		000a5770:·5449·472d·5542·5455·2d32·302d·3031·3031··TIG-UBTU-20-0101
000a5780:·3532·0a20·202d·204e·4953·542d·3830·302d··52.··-·NIST-800-		000a5780:·3532·0a20·202d·204e·4953·542d·3830·302d··52.··-·NIST-800-
000a5790:·3137·312d·332e·312e·370a·2020·2d20·4e49··171-3.1.7.··-·NI		000a5790:·3137·312d·332e·312e·370a·2020·2d20·4e49··171-3.1.7.··-·NI
000a57a0:·5354·2d38·3030·2d35·332d·4155·2d31·3228··ST-800-53-AU-12(		000a57a0:·5354·2d38·3030·2d35·332d·4155·2d31·3228··ST-800-53-AU-12(
000a57b0:·6329·0a20·202d·204e·4953·542d·3830·302d··c).··-·NIST-800-		000a57b0:·6329·0a20·202d·204e·4953·542d·3830·302d··c).··-·NIST-800-
Offset 42654, 23 lines modified		Offset 42654, 23 lines modified
000a69d0:·6579·3d70·6572·6d5f·6d6f·640a·2020·2020··ey=perm_mod.····		000a69d0:·6579·3d70·6572·6d5f·6d6f·640a·2020·2020··ey=perm_mod.····
000a69e0:·2020·6372·6561·7465·3a20·7472·7565·0a20····create:·true.·		000a69e0:·2020·6372·6561·7465·3a20·7472·7565·0a20····create:·true.·
000a69f0:·2020·2020·206d·6f64·653a·206f·2d72·7778·······mode:·o-rwx		000a69f0:·2020·2020·206d·6f64·653a·206f·2d72·7778·······mode:·o-rwx
000a6a00:·0a20·2020·2020·2073·7461·7465·3a20·7072··.······state:·pr		000a6a00:·0a20·2020·2020·2073·7461·7465·3a20·7072··.······state:·pr
000a6a10:·6573·656e·740a·2020·2020·7768·656e·3a20··esent.····when:·		000a6a10:·6573·656e·740a·2020·2020·7768·656e·3a20··esent.····when:·
000a6a20:·7379·7363·616c·6c73·5f66·6f75·6e64·207c··syscalls_found·\|		000a6a20:·7379·7363·616c·6c73·5f66·6f75·6e64·207c··syscalls_found·\|
000a6a30:·206c·656e·6774·6820·3d3d·2030·0a20·2077···length·==·0.··w		000a6a30:·206c·656e·6774·6820·3d3d·2030·0a20·2077···length·==·0.··w
000a6a40:·6865·6e3a·0a20·202d·2061·~~6e73~~·6962·6~~c65~~··hen:.··-·~~ansible~~		000a6a40:·6865·6e3a·0a20·202d·2027·2261·7564·6974··hen:.··-·'"audit
000a6a50:·5f76·6972·7475·616c·697a·6174·696f·6e5f··_virtualization_
000a6a60:·7479·7065·206e·6f74·2069·6e20·5b22·646f··type·not·in·["do
000a6a70:·636b·6572·222c·2022·6c78·6322·2c20·226f··cker",·"lxc",·"o
000a6a80:·7065·6e76·7a22·2c20·2270·6f64·6d61·6e22··penvz",·"podman"
000a6a90:·2c20·2263·6f6e·7461·696e·6572·225d·0a20··,·"container"].·
000a6aa0:·202d·2027·2261·7564·6974·6422·2069·6e20···-·'"auditd"·in·
000a6ab0:·616e·7369·626c·655f·6661·~~6374~~·732e·~~706~~1··ansible_f~~acts.p~~a		000a6a50:·6422·2069·6e20·616e·7369·626c·655f·6661··d"·in·ansible_fa
		000a6a60:·6374·732e·7061·636b·6167·6573·270a·2020··cts.packages'.··
		000a6a70:·2d20·616e·7369·626c·655f·7669·7274·7561··-·ansible_virtua
		000a6a80:·6c69·7a61·7469·6f6e·5f74·7970·6520·6e6f··lization_type·no
		000a6a90:·7420·696e·205b·2264·6f63·6b65·7222·2c20··t·in·["docker",·
		000a6aa0:·226c·7863·222c·2022·6f70·656e·767a·222c··"lxc",·"openvz",
		000a6ab0:·2022·706f·646d·616e·222c·2022·636f·6e74···"podman",·"cont
000a6ac0:·636b·6167·~~6573~~·270a·2020·2d20·6175·6469··~~ckages'~~.··-·audi		000a6ac0:·6169·6e65·7222·5d0a·2020·2d20·6175·6469··ainer"].··-·audi
000a6ad0:·745f·6172·6368·203d·3d20·2262·3634·220a··t_arch·==·"b64".		000a6ad0:·745f·6172·6368·203d·3d20·2262·3634·220a··t_arch·==·"b64".
000a6ae0:·2020·7461·6773·3a0a·2020·2d20·434a·4953····tags:.··-·CJIS		000a6ae0:·2020·7461·6773·3a0a·2020·2d20·434a·4953····tags:.··-·CJIS
000a6af0:·2d35·2e34·2e31·2e31·0a20·202d·2044·4953··-5.4.1.1.··-·DIS		000a6af0:·2d35·2e34·2e31·2e31·0a20·202d·2044·4953··-5.4.1.1.··-·DIS
000a6b00:·412d·5354·4947·2d55·4254·552d·3230·2d30··A-STIG-UBTU-20-0		000a6b00:·412d·5354·4947·2d55·4254·552d·3230·2d30··A-STIG-UBTU-20-0
000a6b10:·3130·3135·320a·2020·2d20·4e49·5354·2d38··10152.··-·NIST-8		000a6b10:·3130·3135·320a·2020·2d20·4e49·5354·2d38··10152.··-·NIST-8
000a6b20:·3030·2d31·3731·2d33·2e31·2e37·0a20·202d··00-171-3.1.7.··-		000a6b20:·3030·2d31·3731·2d33·2e31·2e37·0a20·202d··00-171-3.1.7.··-
000a6b30:·204e·4953·542d·3830·302d·3533·2d41·552d···NIST-800-53-AU-		000a6b30:·204e·4953·542d·3830·302d·3533·2d41·552d···NIST-800-53-AU-
Offset 43622, 25 lines modified		Offset 43622, 25 lines modified
000aa650:·6173·733d·2270·616e·656c·2d63·6f6c·6c61··ass="panel-colla		000aa650:·6173·733d·2270·616e·656c·2d63·6f6c·6c61··ass="panel-colla
000aa660:·7073·6520·636f·6c6c·6170·7365·2220·6964··pse·collapse"·id		000aa660:·7073·6520·636f·6c6c·6170·7365·2220·6964··pse·collapse"·id
Max diff block lines reached; 580365/589810 bytes (98.40%) of diff not shown.


Offset 3389, 16 lines modified		Offset 3389, 16 lines modified
3389	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,	3389	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,
3390	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-	3390	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-
3391	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-	3391	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-
3392	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000458-VMM-001810,	3392	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000458-VMM-001810,
3393	············SRG-OS-000474-VMM-001940,·UBTU-20-010152,·4.1.9	3393	············SRG-OS-000474-VMM-001940,·UBTU-20-010152,·4.1.9
3394	Remediation_Shell_script_⇲	3394	Remediation_Shell_script_⇲
3395	#·Remediation·is·applicable·only·in·certain·platforms	3395	#·Remediation·is·applicable·only·in·certain·platforms
3396	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·]·&&·dpkg-query·--show·--showformat='${db:Status-
3397	Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed;·~~then~~	3396	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed·&&·[·!·-
		3397	f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

3398	#·First·perform·the·remediation·of·the·syscall·rule	3398	#·First·perform·the·remediation·of·the·syscall·rule
3399	#·Retrieve·hardware·architecture·of·the·underlying·system	3399	#·Retrieve·hardware·architecture·of·the·underlying·system
3400	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")	3400	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")

3401	for·ARCH·in·"${RULE_ARCHS[@]}"	3401	for·ARCH·in·"${RULE_ARCHS[@]}"
3402	do	3402	do
Offset 3754, 16 lines modified		Offset 3754, 16 lines modified
3754	··-·reboot_required	3754	··-·reboot_required
3755	··-·restrict_strategy	3755	··-·restrict_strategy

3756	-·name:·Set·architecture·for·audit·chmod·tasks	3756	-·name:·Set·architecture·for·audit·chmod·tasks
3757	··set_fact:	3757	··set_fact:
3758	····audit_arch:·b64	3758	····audit_arch:·b64
3759	··when:	3759	··when:
3760	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3761	··-·'"auditd"·in·ansible_facts.packages'	3760	··-·'"auditd"·in·ansible_facts.packages'
		3761	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3762	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture	3762	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture
3763	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"	3763	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"
3764	··tags:	3764	··tags:
3765	··-·CJIS-5.4.1.1	3765	··-·CJIS-5.4.1.1
3766	··-·DISA-STIG-UBTU-20-010152	3766	··-·DISA-STIG-UBTU-20-010152
3767	··-·NIST-800-171-3.1.7	3767	··-·NIST-800-171-3.1.7
3768	··-·NIST-800-53-AU-12(c)	3768	··-·NIST-800-53-AU-12(c)
Offset 3900, 16 lines modified		Offset 3900, 16 lines modified
3900	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	3900	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
3901	········-F·auid!=unset·-F·key=perm_mod	3901	········-F·auid!=unset·-F·key=perm_mod
3902	······create:·true	3902	······create:·true
3903	······mode:·o-rwx	3903	······mode:·o-rwx
3904	······state:·present	3904	······state:·present
3905	····when:·syscalls_found·\|·length·==·0	3905	····when:·syscalls_found·\|·length·==·0
3906	··when:	3906	··when:
3907	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3908	··-·'"auditd"·in·ansible_facts.packages'	3907	··-·'"auditd"·in·ansible_facts.packages'
		3908	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3909	··tags:	3909	··tags:
3910	··-·CJIS-5.4.1.1	3910	··-·CJIS-5.4.1.1
3911	··-·DISA-STIG-UBTU-20-010152	3911	··-·DISA-STIG-UBTU-20-010152
3912	··-·NIST-800-171-3.1.7	3912	··-·NIST-800-171-3.1.7
3913	··-·NIST-800-53-AU-12(c)	3913	··-·NIST-800-53-AU-12(c)
3914	··-·NIST-800-53-AU-2(d)	3914	··-·NIST-800-53-AU-2(d)
3915	··-·NIST-800-53-CM-6(a)	3915	··-·NIST-800-53-CM-6(a)
Offset 4044, 16 lines modified		Offset 4044, 16 lines modified
4044	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4044	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
4045	········-F·auid!=unset·-F·key=perm_mod	4045	········-F·auid!=unset·-F·key=perm_mod
4046	······create:·true	4046	······create:·true
4047	······mode:·o-rwx	4047	······mode:·o-rwx
4048	······state:·present	4048	······state:·present
4049	····when:·syscalls_found·\|·length·==·0	4049	····when:·syscalls_found·\|·length·==·0
4050	··when:	4050	··when:
4051	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4052	··-·'"auditd"·in·ansible_facts.packages'	4051	··-·'"auditd"·in·ansible_facts.packages'
		4052	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4053	··-·audit_arch·==·"b64"	4053	··-·audit_arch·==·"b64"
4054	··tags:	4054	··tags:
4055	··-·CJIS-5.4.1.1	4055	··-·CJIS-5.4.1.1
4056	··-·DISA-STIG-UBTU-20-010152	4056	··-·DISA-STIG-UBTU-20-010152
4057	··-·NIST-800-171-3.1.7	4057	··-·NIST-800-171-3.1.7
4058	··-·NIST-800-53-AU-12(c)	4058	··-·NIST-800-53-AU-12(c)
4059	··-·NIST-800-53-AU-2(d)	4059	··-·NIST-800-53-AU-2(d)
Offset 4099, 16 lines modified		Offset 4099, 16 lines modified
4099	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,	4099	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,
4100	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-	4100	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-
4101	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-	4101	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-
4102	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000474-GPOS-00219,	4102	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000474-GPOS-00219,
4103	············SRG-OS-000458-VMM-001810,·SRG-OS-000474-VMM-001940,·UBTU-20-010148,·4.1.9	4103	············SRG-OS-000458-VMM-001810,·SRG-OS-000474-VMM-001940,·UBTU-20-010148,·4.1.9
4104	Remediation_Shell_script_⇲	4104	Remediation_Shell_script_⇲
4105	#·Remediation·is·applicable·only·in·certain·platforms	4105	#·Remediation·is·applicable·only·in·certain·platforms
4106	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·]·&&·dpkg-query·--show·--showformat='${db:Status-
4107	Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed;·~~then~~	4106	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed·&&·[·!·-
		4107	f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

4108	#·First·perform·the·remediation·of·the·syscall·rule	4108	#·First·perform·the·remediation·of·the·syscall·rule
4109	#·Retrieve·hardware·architecture·of·the·underlying·system	4109	#·Retrieve·hardware·architecture·of·the·underlying·system
4110	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")	4110	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")

4111	for·ARCH·in·"${RULE_ARCHS[@]}"	4111	for·ARCH·in·"${RULE_ARCHS[@]}"
4112	do	4112	do
Offset 4464, 16 lines modified		Offset 4464, 16 lines modified
4464	··-·reboot_required	4464	··-·reboot_required
4465	··-·restrict_strategy	4465	··-·restrict_strategy

4466	-·name:·Set·architecture·for·audit·chown·tasks	4466	-·name:·Set·architecture·for·audit·chown·tasks
4467	··set_fact:	4467	··set_fact:
4468	····audit_arch:·b64	4468	····audit_arch:·b64
4469	··when:	4469	··when:
4470	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4471	··-·'"auditd"·in·ansible_facts.packages'	4470	··-·'"auditd"·in·ansible_facts.packages'
		4471	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4472	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture	4472	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture
4473	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"	4473	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"
4474	··tags:	4474	··tags:
4475	··-·CJIS-5.4.1.1	4475	··-·CJIS-5.4.1.1
4476	··-·DISA-STIG-UBTU-20-010148	4476	··-·DISA-STIG-UBTU-20-010148
4477	··-·NIST-800-171-3.1.7	4477	··-·NIST-800-171-3.1.7
4478	··-·NIST-800-53-AU-12(c)	4478	··-·NIST-800-53-AU-12(c)
Offset 4612, 16 lines modified		Offset 4612, 16 lines modified
4612	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4612	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
4613	········-F·auid!=unset·-F·key=perm_mod	4613	········-F·auid!=unset·-F·key=perm_mod
4614	······create:·true	4614	······create:·true
4615	······mode:·o-rwx	4615	······mode:·o-rwx
4616	······state:·present	4616	······state:·present
4617	····when:·syscalls_found·\|·length·==·0	4617	····when:·syscalls_found·\|·length·==·0
4618	··when:	4618	··when:
4619	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4620	··-·'"auditd"·in·ansible_facts.packages'	4619	··-·'"auditd"·in·ansible_facts.packages'
		4620	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4621	··tags:	4621	··tags:
4622	··-·CJIS-5.4.1.1	4622	··-·CJIS-5.4.1.1
4623	··-·DISA-STIG-UBTU-20-010148	4623	··-·DISA-STIG-UBTU-20-010148
4624	··-·NIST-800-171-3.1.7	4624	··-·NIST-800-171-3.1.7
4625	··-·NIST-800-53-AU-12(c)	4625	··-·NIST-800-53-AU-12(c)
4626	··-·NIST-800-53-AU-2(d)	4626	··-·NIST-800-53-AU-2(d)
4627	··-·NIST-800-53-CM-6(a)	4627	··-·NIST-800-53-CM-6(a)
Offset 4758, 16 lines modified		Offset 4758, 16 lines modified
4758	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4758	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
Max diff block lines reached; 188110/193881 bytes (97.02%) of diff not shown.


Offset 42689, 26 lines modified		Offset 42689, 26 lines modified
000a6c00:·3e3c·6469·7620·636c·6173·733d·2270·616e··><div·class="pan		000a6c00:·3e3c·6469·7620·636c·6173·733d·2270·616e··><div·class="pan
000a6c10:·656c·2d63·6f6c·6c61·7073·6520·636f·6c6c··el-collapse·coll		000a6c10:·656c·2d63·6f6c·6c61·7073·6520·636f·6c6c··el-collapse·coll
000a6c20:·6170·7365·2220·6964·3d22·6964·6d31·3236··apse"·id="idm126		000a6c20:·6170·7365·2220·6964·3d22·6964·6d31·3236··apse"·id="idm126
000a6c30:·3738·223e·3c70·7265·3e3c·636f·6465·3e23··78"><pre><code>#		000a6c30:·3738·223e·3c70·7265·3e3c·636f·6465·3e23··78"><pre><code>#
000a6c40:·2052·656d·6564·6961·7469·6f6e·2069·7320···Remediation·is·		000a6c40:·2052·656d·6564·6961·7469·6f6e·2069·7320···Remediation·is·
000a6c50:·6170·706c·6963·6162·6c65·206f·6e6c·7920··applicable·only·		000a6c50:·6170·706c·6963·6162·6c65·206f·6e6c·7920··applicable·only·
000a6c60:·696e·2063·6572·7461·696e·2070·6c61·7466··in·certain·platf		000a6c60:·696e·2063·6572·7461·696e·2070·6c61·7466··in·certain·platf
000a6c70:·6f72·6d73·0a69·6620·5b20·2120·2d66·202f··orms.if·[·!·-f·/
000a6c80:·~~2e64~~·6f63·6b65·~~7265~~·6e76·~~205d~~·2~~026~~·616d··~~.dockerenv·]·&am~~		000a6c70:·6f72·6d73·0a69·6620·6470·6b67·2d71·7565··orms.if·dpkg-que
		000a6c80:·7279·202d·2d73·686f·7720·2d2d·7368·6f77··ry·--show·--show
		000a6c90:·666f·726d·6174·3d27·247b·6462·3a53·7461··format='${db:Sta
		000a6ca0:·7475·732d·5374·6174·7573·7d5c·6e27·2027··tus-Status}\n'·'
		000a6cb0:·6175·6469·7464·2720·3226·6774·3b2f·6465··auditd'·2>/de
		000a6cc0:·762f·6e75·6c6c·207c·2067·7265·7020·2d71··v/null·\|·grep·-q
		000a6cd0:·2069·6e73·7461·6c6c·6564·2026·616d·703b···installed·&
000a6c90:~~·703b~~·2661·6d70·3b20·5b20·2120·2d66·202f·~~·p;~~&·[·!·-f·/		000a6ce0:·2661·6d70·3b20·5b20·2120·2d66·202f·2e64··&·[·!·-f·/.d
		000a6cf0:·6f63·6b65·7265·6e76·205d·2026·616d·703b··ockerenv·]·&
		000a6d00:·2661·6d70·3b20·5b20·2120·2d66·202f·7275··&·[·!·-f·/ru
000a6ca0:~~·7275~~·6e2f·2e63·6f6e·7461·696e·6572·656e·~~·ru~~n/.containeren		000a6d10:·6e2f·2e63·6f6e·7461·696e·6572·656e·7620··n/.containerenv·
000a6cb0:·7620·5d20·2661·6d70·3b26·616d·703b·2064··v·]·&&·d
000a6cc0:·706b·672d·7175·6572·7920·2d2d·7368·6f77··pkg-query·--show
000a6cd0:·202d·2d73·686f·7766·6f72·6d61·743d·2724···--showformat='$
000a6ce0:·7b64·623a·5374·6174·7573·2d53·7461·7475··{db:Status-Statu
000a6cf0:·737d·5c6e·2720·2761·7564·6974·6427·2032··s}\n'·'auditd'·2
000a6d00:·2667·743b·2f64·6576·2f6e·756c·6c20·7c20··>/dev/null·\|·
000a6d10:·6772·6570·202d·7120·696e·7374·616c·6c65··grep·-q·installe
000a6d20:·643b·2074·6865·6e0a·0a23·2046·6972·7374··d;·then..#·First		000a6d20:·5d3b·2074·6865·6e0a·0a23·2046·6972·7374··];·then..#·First
000a6d30:·2070·6572·666f·726d·2074·6865·2072·656d···perform·the·rem		000a6d30:·2070·6572·666f·726d·2074·6865·2072·656d···perform·the·rem
000a6d40:·6564·6961·7469·6f6e·206f·6620·7468·6520··ediation·of·the·		000a6d40:·6564·6961·7469·6f6e·206f·6620·7468·6520··ediation·of·the·
000a6d50:·7379·7363·616c·6c20·7275·6c65·0a23·2052··syscall·rule.#·R		000a6d50:·7379·7363·616c·6c20·7275·6c65·0a23·2052··syscall·rule.#·R
000a6d60:·6574·7269·6576·6520·6861·7264·7761·7265··etrieve·hardware		000a6d60:·6574·7269·6576·6520·6861·7264·7761·7265··etrieve·hardware
000a6d70:·2061·7263·6869·7465·6374·7572·6520·6f66···architecture·of		000a6d70:·2061·7263·6869·7465·6374·7572·6520·6f66···architecture·of
000a6d80:·2074·6865·2075·6e64·6572·6c79·696e·6720···the·underlying·		000a6d80:·2074·6865·2075·6e64·6572·6c79·696e·6720···the·underlying·
000a6d90:·7379·7374·656d·0a5b·2022·2428·6765·7463··system.[·"$(getc		000a6d90:·7379·7374·656d·0a5b·2022·2428·6765·7463··system.[·"$(getc
Offset 43588, 22 lines modified		Offset 43588, 22 lines modified
000aa430:·202d·2072·6573·7472·6963·745f·7374·7261···-·restrict_stra		000aa430:·202d·2072·6573·7472·6963·745f·7374·7261···-·restrict_stra
000aa440:·7465·6779·0a0a·2d20·6e61·6d65·3a20·5365··tegy..-·name:·Se		000aa440:·7465·6779·0a0a·2d20·6e61·6d65·3a20·5365··tegy..-·name:·Se
000aa450:·7420·6172·6368·6974·6563·7475·7265·2066··t·architecture·f		000aa450:·7420·6172·6368·6974·6563·7475·7265·2066··t·architecture·f


Offset 31363, 112 lines modified		Offset 31363, 112 lines modified
0007a820:·6574·3d22·2369·646d·3335·3231·3922·2074··et="#idm35219"·t		0007a820:·6574·3d22·2369·646d·3335·3231·3922·2074··et="#idm35219"·t
0007a830:·6162·696e·6465·783d·2230·2220·726f·6c65··abindex="0"·role		0007a830:·6162·696e·6465·783d·2230·2220·726f·6c65··abindex="0"·role
0007a840:·3d22·6275·7474·6f6e·2220·6172·6961·2d65··="button"·aria-e		0007a840:·3d22·6275·7474·6f6e·2220·6172·6961·2d65··="button"·aria-e
0007a850:·7870·616e·6465·643d·2266·616c·7365·2220··xpanded="false"·		0007a850:·7870·616e·6465·643d·2266·616c·7365·2220··xpanded="false"·
0007a860:·7469·746c·653d·2241·6374·6976·6174·6520··title="Activate·		0007a860:·7469·746c·653d·2241·6374·6976·6174·6520··title="Activate·
0007a870:·746f·2072·6576·6561·6c22·2068·7265·663d··to·reveal"·href=		0007a870:·746f·2072·6576·6561·6c22·2068·7265·663d··to·reveal"·href=
0007a880:·2223·2122·3e52·656d·6564·6961·7469·6f6e··"#!">Remediation		0007a880:·2223·2122·3e52·656d·6564·6961·7469·6f6e··"#!">Remediation
		0007a890:·204f·5342·7569·6c64·2042·6c75·6570·7269···OSBuild·Bluepri
		0007a8a0:·6e74·2073·6e69·7070·6574·20e2·87b2·3c2f··nt·snippet·...</
		0007a8b0:·613e·3c62·723e·3c64·6976·2063·6c61·7373··a><br><div·class
		0007a8c0:·3d22·7061·6e65·6c2d·636f·6c6c·6170·7365··="panel-collapse
		0007a8d0:·2063·6f6c·6c61·7073·6522·2069·643d·2269···collapse"·id="i
		0007a8e0:·646d·3335·3231·3922·3e3c·7072·653e·3c63··dm35219"><pre><c
		0007a8f0:·6f64·653e·0a5b·6375·7374·6f6d·697a·6174··ode>.[customizat
		0007a900:·696f·6e73·2e73·6572·7669·6365·735d·0a64··ions.services].d
		0007a910:·6973·6162·6c65·6420·3d20·5b22·6170·706f··isabled·=·["appo
		0007a920:·7274·225d·0a3c·2f63·6f64·653e·3c2f·7072··rt"].</code></pr
		0007a930:·653e·3c2f·6469·763e·3c61·2063·6c61·7373··e></div><a·class
		0007a940:·3d22·6274·6e20·6274·6e2d·7375·6363·6573··="btn·btn-succes
		0007a950:·7322·2064·6174·612d·746f·6767·6c65·3d22··s"·data-toggle="
		0007a960:·636f·6c6c·6170·7365·2220·6461·7461·2d74··collapse"·data-t
		0007a970:·6172·6765·743d·2223·6964·6d33·3532·3230··arget="#idm35220
		0007a980:·2220·7461·6269·6e64·6578·3d22·3022·2072··"·tabindex="0"·r
		0007a990:·6f6c·653d·2262·7574·746f·6e22·2061·7269··ole="button"·ari
		0007a9a0:·612d·6578·7061·6e64·6564·3d22·6661·6c73··a-expanded="fals
		0007a9b0:·6522·2074·6974·6c65·3d22·4163·7469·7661··e"·title="Activa
		0007a9c0:·7465·2074·6f20·7265·7665·616c·2220·6872··te·to·reveal"·hr
		0007a9d0:·6566·3d22·2321·223e·5265·6d65·6469·6174··ef="#!">Remediat
		0007a9e0:·696f·6e20·5075·7070·6574·2073·6e69·7070··ion·Puppet·snipp
		0007a9f0:·6574·20e2·87b2·3c2f·613e·3c62·723e·3c64··et·...</a><br><d
		0007aa00:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-
		0007aa10:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps
		0007aa20:·6522·2069·643d·2269·646d·3335·3232·3022··e"·id="idm35220"
		0007aa30:·3e3c·7461·626c·6520·636c·6173·733d·2274··><table·class="t
		0007aa40:·6162·6c65·2074·6162·6c65·2d73·7472·6970··able·table-strip
		0007aa50:·6564·2074·6162·6c65·2d62·6f72·6465·7265··ed·table-bordere
		0007aa60:·6420·7461·626c·652d·636f·6e64·656e·7365··d·table-condense
		0007aa70:·6422·3e3c·7472·3e3c·7468·3e43·6f6d·706c··d"><tr><th>Compl


Offset 2162, 14 lines modified		Offset 2162, 30 lines modified
2162	$·sudo·systemctl·mask·--now·apport.service	2162	$·sudo·systemctl·mask·--now·apport.service
2163	···························The·Apport·service·modifies·the·kernel·fs.suid_dumpable	2163	···························The·Apport·service·modifies·the·kernel·fs.suid_dumpable
2164	Rationale:·················configuration·at·runtime·which·prevents·other·hardening·from	2164	Rationale:·················configuration·at·runtime·which·prevents·other·hardening·from
2165	···························being·persistent.·Disabling·the·service·prevents·this·behavior.	2165	···························being·persistent.·Disabling·the·service·prevents·this·behavior.
2166	Severity: ················unknown	2166	Severity: ················unknown
2167	Rule·ID:···················xccdf_org.ssgproject.content_rule_service_apport_disabled	2167	Rule·ID:···················xccdf_org.ssgproject.content_rule_service_apport_disabled
2168	Identifiers·and·References	2168	Identifiers·and·References
		2169	Remediation_OSBuild_Blueprint_snippet_⇲

		2170	[customizations.services]
		2171	disabled·=·["apport"]
		2172	Remediation_Puppet_snippet_⇲
		2173	Complexity:·low
		2174	Disruption:·low
		2175	Strategy:···enable
		2176	include·disable_apport

		2177	class·disable_apport·{
		2178	··service·{'apport':
		2179	····enable·=>·false,
		2180	····ensure·=>·'stopped',
		2181	··}
		2182	}
2169	Remediation_Kubernetes_snippet_⇲	2183	Remediation_Kubernetes_snippet_⇲
2170	Complexity:·low	2184	Complexity:·low
2171	Disruption:·medium	2185	Disruption:·medium
2172	Reboot:·····true	2186	Reboot:·····true
2173	Strategy:···disable	2187	Strategy:···disable
2174	apiVersion:·machineconfiguration.openshift.io/v1	2188	apiVersion:·machineconfiguration.openshift.io/v1
2175	kind:·MachineConfig	2189	kind:·MachineConfig
Offset 2181, 30 lines modified		Offset 2197, 14 lines modified
2181	······units:	2197	······units:
2182	······-·name:·apport.service	2198	······-·name:·apport.service
2183	········enabled:·false	2199	········enabled:·false
2184	········mask:·true	2200	········mask:·true
2185	······-·name:·apport.socket	2201	······-·name:·apport.socket
2186	········enabled:·false	2202	········enabled:·false
2187	········mask:·true	2203	········mask:·true


Offset 42994, 25 lines modified		Offset 42994, 25 lines modified
000a7f10:·7620·636c·6173·733d·2270·616e·656c·2d63··v·class="panel-c		000a7f10:·7620·636c·6173·733d·2270·616e·656c·2d63··v·class="panel-c
000a7f20:·6f6c·6c61·7073·6520·636f·6c6c·6170·7365··ollapse·collapse		000a7f20:·6f6c·6c61·7073·6520·636f·6c6c·6170·7365··ollapse·collapse
000a7f30:·2220·6964·3d22·6964·6d31·3236·3738·223e··"·id="idm12678">		000a7f30:·2220·6964·3d22·6964·6d31·3236·3738·223e··"·id="idm12678">
000a7f40:·3c70·7265·3e3c·636f·6465·3e23·2052·656d··<pre><code>#·Rem		000a7f40:·3c70·7265·3e3c·636f·6465·3e23·2052·656d··<pre><code>#·Rem
000a7f50:·6564·6961·7469·6f6e·2069·7320·6170·706c··ediation·is·appl		000a7f50:·6564·6961·7469·6f6e·2069·7320·6170·706c··ediation·is·appl
000a7f60:·6963·6162·6c65·206f·6e6c·7920·696e·2063··icable·only·in·c		000a7f60:·6963·6162·6c65·206f·6e6c·7920·696e·2063··icable·only·in·c
000a7f70:·6572·7461·696e·2070·6c61·7466·6f72·6d73··ertain·platforms		000a7f70:·6572·7461·696e·2070·6c61·7466·6f72·6d73··ertain·platforms
		000a7f80:·0a69·6620·6470·6b67·2d71·7565·7279·202d··.if·dpkg-query·-
		000a7f90:·2d73·686f·7720·2d2d·7368·6f77·666f·726d··-show·--showform
		000a7fa0:·6174·3d27·247b·6462·3a53·7461·7475·732d··at='${db:Status-
		000a7fb0:·5374·6174·7573·7d5c·6e27·2027·6175·6469··Status}\n'·'audi
		000a7fc0:·7464·2720·3226·6774·3b2f·6465·762f·6e75··td'·2>/dev/nu
		000a7fd0:·6c6c·207c·2067·7265·7020·2d71·2069·6e73··ll·\|·grep·-q·ins
		000a7fe0:·7461·6c6c·6564·2026·616d·703b·2661·6d70··talled·&&amp
000a7f80:~~·0a69~~·6620·5b20·2120·2d66·202f·2e64·6f63·~~·.if~~·[·!·-f·/.doc		000a7ff0:·3b20·5b20·2120·2d66·202f·2e64·6f63·6b65··;·[·!·-f·/.docke
000a~~7f9~~0:~~·6b65~~·7265·6e76·205d·2026·616d·703b·2661·~~·ke~~renv·]·&&a		000a8000:·7265·6e76·205d·2026·616d·703b·2661·6d70··renv·]·&&amp
000a~~7fa~~0:~~·6d70~~·3b20·5b20·2120·2d66·202f·7275·6e2f·~~·mp~~;·[·!·-f·/run/		000a8010:·3b20·5b20·2120·2d66·202f·7275·6e2f·2e63··;·[·!·-f·/run/.c
000a7fb0:·2e63·6f6e·7461·696e·6572·656e·7620·5d20~~··.c~~ontainerenv·]·		000a8020:·6f6e·7461·696e·6572·656e·7620·5d3b·2074··ontainerenv·];·t
000a7fc0:·2661·6d70·3b26·616d·703b·2064·706b·672d··&&·dpkg-
000a7fd0:·7175·6572·7920·2d2d·7368·6f77·202d·2d73··query·--show·--s
000a7fe0:·686f·7766·6f72·6d61·743d·2724·7b64·623a··howformat='${db:
000a7ff0:·5374·6174·7573·2d53·7461·7475·737d·5c6e··Status-Status}\n
000a8000:·2720·2761·7564·6974·6427·2032·2667·743b··'·'auditd'·2>
000a8010:·2f64·6576·2f6e·756c·6c20·7c20·6772·6570··/dev/null·\|·grep
000a8020:·202d·7120·696e·7374·616c·6c65·643b·2074···-q·installed;·t
000a8030:·6865·6e0a·0a23·2046·6972·7374·2070·6572··hen..#·First·per		000a8030:·6865·6e0a·0a23·2046·6972·7374·2070·6572··hen..#·First·per
000a8040:·666f·726d·2074·6865·2072·656d·6564·6961··form·the·remedia		000a8040:·666f·726d·2074·6865·2072·656d·6564·6961··form·the·remedia
000a8050:·7469·6f6e·206f·6620·7468·6520·7379·7363··tion·of·the·sysc		000a8050:·7469·6f6e·206f·6620·7468·6520·7379·7363··tion·of·the·sysc
000a8060:·616c·6c20·7275·6c65·0a23·2052·6574·7269··all·rule.#·Retri		000a8060:·616c·6c20·7275·6c65·0a23·2052·6574·7269··all·rule.#·Retri
000a8070:·6576·6520·6861·7264·7761·7265·2061·7263··eve·hardware·arc		000a8070:·6576·6520·6861·7264·7761·7265·2061·7263··eve·hardware·arc
000a8080:·6869·7465·6374·7572·6520·6f66·2074·6865··hitecture·of·the		000a8080:·6869·7465·6374·7572·6520·6f66·2074·6865··hitecture·of·the
000a8090:·2075·6e64·6572·6c79·696e·6720·7379·7374···underlying·syst		000a8090:·2075·6e64·6572·6c79·696e·6720·7379·7374···underlying·syst
Offset 43892, 23 lines modified		Offset 43892, 23 lines modified
000ab730:·745f·7265·7175·6972·6564·0a20·202d·2072··t_required.··-·r		000ab730:·745f·7265·7175·6972·6564·0a20·202d·2072··t_required.··-·r
000ab740:·6573·7472·6963·745f·7374·7261·7465·6779··estrict_strategy		000ab740:·6573·7472·6963·745f·7374·7261·7465·6779··estrict_strategy
000ab750:·0a0a·2d20·6e61·6d65·3a20·5365·7420·6172··..-·name:·Set·ar		000ab750:·0a0a·2d20·6e61·6d65·3a20·5365·7420·6172··..-·name:·Set·ar
000ab760:·6368·6974·6563·7475·7265·2066·6f72·2061··chitecture·for·a		000ab760:·6368·6974·6563·7475·7265·2066·6f72·2061··chitecture·for·a
000ab770:·7564·6974·2063·686d·6f64·2074·6173·6b73··udit·chmod·tasks		000ab770:·7564·6974·2063·686d·6f64·2074·6173·6b73··udit·chmod·tasks


Offset 3626, 16 lines modified		Offset 3626, 16 lines modified
3626	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,	3626	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,
3627	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-	3627	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-
3628	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-	3628	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-
3629	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000458-VMM-001810,	3629	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000458-VMM-001810,
3630	············SRG-OS-000474-VMM-001940,·UBTU-20-010152,·4.1.9	3630	············SRG-OS-000474-VMM-001940,·UBTU-20-010152,·4.1.9
3631	Remediation_Shell_script_⇲	3631	Remediation_Shell_script_⇲
3632	#·Remediation·is·applicable·only·in·certain·platforms	3632	#·Remediation·is·applicable·only·in·certain·platforms
3633	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·]·&&·dpkg-query·--show·--showformat='${db:Status-
3634	Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed;·~~then~~	3633	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed·&&·[·!·-
		3634	f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

3635	#·First·perform·the·remediation·of·the·syscall·rule	3635	#·First·perform·the·remediation·of·the·syscall·rule
3636	#·Retrieve·hardware·architecture·of·the·underlying·system	3636	#·Retrieve·hardware·architecture·of·the·underlying·system
3637	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")	3637	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")

3638	for·ARCH·in·"${RULE_ARCHS[@]}"	3638	for·ARCH·in·"${RULE_ARCHS[@]}"
3639	do	3639	do
Offset 3991, 16 lines modified		Offset 3991, 16 lines modified
3991	··-·reboot_required	3991	··-·reboot_required
3992	··-·restrict_strategy	3992	··-·restrict_strategy

3993	-·name:·Set·architecture·for·audit·chmod·tasks	3993	-·name:·Set·architecture·for·audit·chmod·tasks
3994	··set_fact:	3994	··set_fact:
3995	····audit_arch:·b64	3995	····audit_arch:·b64
3996	··when:	3996	··when:
3997	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3998	··-·'"auditd"·in·ansible_facts.packages'	3997	··-·'"auditd"·in·ansible_facts.packages'
		3998	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3999	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture	3999	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture
4000	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"	4000	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"
4001	··tags:	4001	··tags:
4002	··-·CJIS-5.4.1.1	4002	··-·CJIS-5.4.1.1
4003	··-·DISA-STIG-UBTU-20-010152	4003	··-·DISA-STIG-UBTU-20-010152
4004	··-·NIST-800-171-3.1.7	4004	··-·NIST-800-171-3.1.7
4005	··-·NIST-800-53-AU-12(c)	4005	··-·NIST-800-53-AU-12(c)
Offset 4137, 16 lines modified		Offset 4137, 16 lines modified
4137	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4137	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
4138	········-F·auid!=unset·-F·key=perm_mod	4138	········-F·auid!=unset·-F·key=perm_mod
4139	······create:·true	4139	······create:·true
4140	······mode:·o-rwx	4140	······mode:·o-rwx
4141	······state:·present	4141	······state:·present
4142	····when:·syscalls_found·\|·length·==·0	4142	····when:·syscalls_found·\|·length·==·0
4143	··when:	4143	··when:
4144	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4145	··-·'"auditd"·in·ansible_facts.packages'	4144	··-·'"auditd"·in·ansible_facts.packages'
		4145	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4146	··tags:	4146	··tags:
4147	··-·CJIS-5.4.1.1	4147	··-·CJIS-5.4.1.1
4148	··-·DISA-STIG-UBTU-20-010152	4148	··-·DISA-STIG-UBTU-20-010152
4149	··-·NIST-800-171-3.1.7	4149	··-·NIST-800-171-3.1.7
4150	··-·NIST-800-53-AU-12(c)	4150	··-·NIST-800-53-AU-12(c)
4151	··-·NIST-800-53-AU-2(d)	4151	··-·NIST-800-53-AU-2(d)
4152	··-·NIST-800-53-CM-6(a)	4152	··-·NIST-800-53-CM-6(a)
Offset 4281, 16 lines modified		Offset 4281, 16 lines modified
4281	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4281	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
4282	········-F·auid!=unset·-F·key=perm_mod	4282	········-F·auid!=unset·-F·key=perm_mod
4283	······create:·true	4283	······create:·true
4284	······mode:·o-rwx	4284	······mode:·o-rwx
4285	······state:·present	4285	······state:·present
4286	····when:·syscalls_found·\|·length·==·0	4286	····when:·syscalls_found·\|·length·==·0
4287	··when:	4287	··when:
4288	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4289	··-·'"auditd"·in·ansible_facts.packages'	4288	··-·'"auditd"·in·ansible_facts.packages'
		4289	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4290	··-·audit_arch·==·"b64"	4290	··-·audit_arch·==·"b64"
4291	··tags:	4291	··tags:
4292	··-·CJIS-5.4.1.1	4292	··-·CJIS-5.4.1.1
4293	··-·DISA-STIG-UBTU-20-010152	4293	··-·DISA-STIG-UBTU-20-010152
4294	··-·NIST-800-171-3.1.7	4294	··-·NIST-800-171-3.1.7
4295	··-·NIST-800-53-AU-12(c)	4295	··-·NIST-800-53-AU-12(c)
4296	··-·NIST-800-53-AU-2(d)	4296	··-·NIST-800-53-AU-2(d)
Offset 4336, 16 lines modified		Offset 4336, 16 lines modified
4336	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,	4336	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,
4337	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-	4337	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-
4338	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-	4338	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-
4339	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000474-GPOS-00219,	4339	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000474-GPOS-00219,
4340	············SRG-OS-000458-VMM-001810,·SRG-OS-000474-VMM-001940,·UBTU-20-010148,·4.1.9	4340	············SRG-OS-000458-VMM-001810,·SRG-OS-000474-VMM-001940,·UBTU-20-010148,·4.1.9
4341	Remediation_Shell_script_⇲	4341	Remediation_Shell_script_⇲
4342	#·Remediation·is·applicable·only·in·certain·platforms	4342	#·Remediation·is·applicable·only·in·certain·platforms
4343	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·]·&&·dpkg-query·--show·--showformat='${db:Status-
4344	Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed;·~~then~~	4343	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed·&&·[·!·-
		4344	f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

4345	#·First·perform·the·remediation·of·the·syscall·rule	4345	#·First·perform·the·remediation·of·the·syscall·rule
4346	#·Retrieve·hardware·architecture·of·the·underlying·system	4346	#·Retrieve·hardware·architecture·of·the·underlying·system
4347	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")	4347	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")

4348	for·ARCH·in·"${RULE_ARCHS[@]}"	4348	for·ARCH·in·"${RULE_ARCHS[@]}"
4349	do	4349	do
Offset 4701, 16 lines modified		Offset 4701, 16 lines modified
4701	··-·reboot_required	4701	··-·reboot_required
4702	··-·restrict_strategy	4702	··-·restrict_strategy

4703	-·name:·Set·architecture·for·audit·chown·tasks	4703	-·name:·Set·architecture·for·audit·chown·tasks
4704	··set_fact:	4704	··set_fact:
4705	····audit_arch:·b64	4705	····audit_arch:·b64
4706	··when:	4706	··when:
4707	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4708	··-·'"auditd"·in·ansible_facts.packages'	4707	··-·'"auditd"·in·ansible_facts.packages'
		4708	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4709	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture	4709	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture
4710	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"	4710	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"
4711	··tags:	4711	··tags:
4712	··-·CJIS-5.4.1.1	4712	··-·CJIS-5.4.1.1
4713	··-·DISA-STIG-UBTU-20-010148	4713	··-·DISA-STIG-UBTU-20-010148
4714	··-·NIST-800-171-3.1.7	4714	··-·NIST-800-171-3.1.7
4715	··-·NIST-800-53-AU-12(c)	4715	··-·NIST-800-53-AU-12(c)
Offset 4849, 16 lines modified		Offset 4849, 16 lines modified
4849	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4849	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
4850	········-F·auid!=unset·-F·key=perm_mod	4850	········-F·auid!=unset·-F·key=perm_mod
4851	······create:·true	4851	······create:·true
4852	······mode:·o-rwx	4852	······mode:·o-rwx
4853	······state:·present	4853	······state:·present
4854	····when:·syscalls_found·\|·length·==·0	4854	····when:·syscalls_found·\|·length·==·0
4855	··when:	4855	··when:
4856	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4857	··-·'"auditd"·in·ansible_facts.packages'	4856	··-·'"auditd"·in·ansible_facts.packages'
		4857	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4858	··tags:	4858	··tags:
4859	··-·CJIS-5.4.1.1	4859	··-·CJIS-5.4.1.1
4860	··-·DISA-STIG-UBTU-20-010148	4860	··-·DISA-STIG-UBTU-20-010148
4861	··-·NIST-800-171-3.1.7	4861	··-·NIST-800-171-3.1.7
4862	··-·NIST-800-53-AU-12(c)	4862	··-·NIST-800-53-AU-12(c)
4863	··-·NIST-800-53-AU-2(d)	4863	··-·NIST-800-53-AU-2(d)
4864	··-·NIST-800-53-CM-6(a)	4864	··-·NIST-800-53-CM-6(a)
Offset 4995, 16 lines modified		Offset 4995, 16 lines modified
4995	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4995	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
Max diff block lines reached; 188112/193883 bytes (97.02%) of diff not shown.


Offset 3759, 16 lines modified		Offset 3759, 16 lines modified
3759	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,	3759	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,
3760	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-	3760	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-
3761	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-	3761	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-
3762	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000458-VMM-001810,	3762	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000458-VMM-001810,
3763	············SRG-OS-000474-VMM-001940,·UBTU-20-010152,·4.1.9	3763	············SRG-OS-000474-VMM-001940,·UBTU-20-010152,·4.1.9
3764	Remediation_Shell_script_⇲	3764	Remediation_Shell_script_⇲
3765	#·Remediation·is·applicable·only·in·certain·platforms	3765	#·Remediation·is·applicable·only·in·certain·platforms
3766	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·]·&&·dpkg-query·--show·--showformat='${db:Status-
3767	Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed;·~~then~~	3766	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed·&&·[·!·-
		3767	f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

3768	#·First·perform·the·remediation·of·the·syscall·rule	3768	#·First·perform·the·remediation·of·the·syscall·rule
3769	#·Retrieve·hardware·architecture·of·the·underlying·system	3769	#·Retrieve·hardware·architecture·of·the·underlying·system
3770	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")	3770	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")

3771	for·ARCH·in·"${RULE_ARCHS[@]}"	3771	for·ARCH·in·"${RULE_ARCHS[@]}"
3772	do	3772	do
Offset 4124, 16 lines modified		Offset 4124, 16 lines modified
4124	··-·reboot_required	4124	··-·reboot_required
4125	··-·restrict_strategy	4125	··-·restrict_strategy

4126	-·name:·Set·architecture·for·audit·chmod·tasks	4126	-·name:·Set·architecture·for·audit·chmod·tasks
4127	··set_fact:	4127	··set_fact:
4128	····audit_arch:·b64	4128	····audit_arch:·b64
4129	··when:	4129	··when:
4130	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4131	··-·'"auditd"·in·ansible_facts.packages'	4130	··-·'"auditd"·in·ansible_facts.packages'
		4131	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4132	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture	4132	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture
4133	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"	4133	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"
4134	··tags:	4134	··tags:
4135	··-·CJIS-5.4.1.1	4135	··-·CJIS-5.4.1.1
4136	··-·DISA-STIG-UBTU-20-010152	4136	··-·DISA-STIG-UBTU-20-010152
4137	··-·NIST-800-171-3.1.7	4137	··-·NIST-800-171-3.1.7
4138	··-·NIST-800-53-AU-12(c)	4138	··-·NIST-800-53-AU-12(c)
Offset 4270, 16 lines modified		Offset 4270, 16 lines modified
4270	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4270	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
4271	········-F·auid!=unset·-F·key=perm_mod	4271	········-F·auid!=unset·-F·key=perm_mod
4272	······create:·true	4272	······create:·true
4273	······mode:·o-rwx	4273	······mode:·o-rwx
4274	······state:·present	4274	······state:·present
4275	····when:·syscalls_found·\|·length·==·0	4275	····when:·syscalls_found·\|·length·==·0
4276	··when:	4276	··when:
4277	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4278	··-·'"auditd"·in·ansible_facts.packages'	4277	··-·'"auditd"·in·ansible_facts.packages'
		4278	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4279	··tags:	4279	··tags:
4280	··-·CJIS-5.4.1.1	4280	··-·CJIS-5.4.1.1
4281	··-·DISA-STIG-UBTU-20-010152	4281	··-·DISA-STIG-UBTU-20-010152
4282	··-·NIST-800-171-3.1.7	4282	··-·NIST-800-171-3.1.7
4283	··-·NIST-800-53-AU-12(c)	4283	··-·NIST-800-53-AU-12(c)
4284	··-·NIST-800-53-AU-2(d)	4284	··-·NIST-800-53-AU-2(d)
4285	··-·NIST-800-53-CM-6(a)	4285	··-·NIST-800-53-CM-6(a)
Offset 4414, 16 lines modified		Offset 4414, 16 lines modified
4414	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4414	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
4415	········-F·auid!=unset·-F·key=perm_mod	4415	········-F·auid!=unset·-F·key=perm_mod
4416	······create:·true	4416	······create:·true
4417	······mode:·o-rwx	4417	······mode:·o-rwx
4418	······state:·present	4418	······state:·present
4419	····when:·syscalls_found·\|·length·==·0	4419	····when:·syscalls_found·\|·length·==·0
4420	··when:	4420	··when:
4421	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4422	··-·'"auditd"·in·ansible_facts.packages'	4421	··-·'"auditd"·in·ansible_facts.packages'
		4422	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4423	··-·audit_arch·==·"b64"	4423	··-·audit_arch·==·"b64"
4424	··tags:	4424	··tags:
4425	··-·CJIS-5.4.1.1	4425	··-·CJIS-5.4.1.1
4426	··-·DISA-STIG-UBTU-20-010152	4426	··-·DISA-STIG-UBTU-20-010152
4427	··-·NIST-800-171-3.1.7	4427	··-·NIST-800-171-3.1.7
4428	··-·NIST-800-53-AU-12(c)	4428	··-·NIST-800-53-AU-12(c)
4429	··-·NIST-800-53-AU-2(d)	4429	··-·NIST-800-53-AU-2(d)
Offset 4469, 16 lines modified		Offset 4469, 16 lines modified
4469	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,	4469	············DE.AE-5,·DE.CM-1,·DE.CM-3,·DE.CM-7,·ID.SC-4,·PR.AC-3,·PR.PT-1,·PR.PT-4,·RS.AN-1,·RS.AN-4,
4470	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-	4470	············FAU_GEN.1.1.c,·Req-10.5.5,·SRG-OS-000037-GPOS-00015,·SRG-OS-000042-GPOS-00020,·SRG-OS-000062-
4471	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-	4471	············GPOS-00031,·SRG-OS-000392-GPOS-00172,·SRG-OS-000462-GPOS-00206,·SRG-OS-000471-GPOS-00215,·SRG-OS-
4472	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000474-GPOS-00219,	4472	············000064-GPOS-00033,·SRG-OS-000466-GPOS-00210,·SRG-OS-000458-GPOS-00203,·SRG-OS-000474-GPOS-00219,
4473	············SRG-OS-000458-VMM-001810,·SRG-OS-000474-VMM-001940,·UBTU-20-010148,·4.1.9	4473	············SRG-OS-000458-VMM-001810,·SRG-OS-000474-VMM-001940,·UBTU-20-010148,·4.1.9
4474	Remediation_Shell_script_⇲	4474	Remediation_Shell_script_⇲
4475	#·Remediation·is·applicable·only·in·certain·platforms	4475	#·Remediation·is·applicable·only·in·certain·platforms
4476	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·]·&&·dpkg-query·--show·--showformat='${db:Status-
4477	Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed;·~~then~~	4476	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'auditd'·2>/dev/null·\|·grep·-q·installed·&&·[·!·-
		4477	f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

4478	#·First·perform·the·remediation·of·the·syscall·rule	4478	#·First·perform·the·remediation·of·the·syscall·rule
4479	#·Retrieve·hardware·architecture·of·the·underlying·system	4479	#·Retrieve·hardware·architecture·of·the·underlying·system
4480	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")	4480	[·"$(getconf·LONG_BIT)"·=·"32"·]·&&·RULE_ARCHS=("b32")·\|\|·RULE_ARCHS=("b32"·"b64")

4481	for·ARCH·in·"${RULE_ARCHS[@]}"	4481	for·ARCH·in·"${RULE_ARCHS[@]}"
4482	do	4482	do
Offset 4834, 16 lines modified		Offset 4834, 16 lines modified
4834	··-·reboot_required	4834	··-·reboot_required
4835	··-·restrict_strategy	4835	··-·restrict_strategy

4836	-·name:·Set·architecture·for·audit·chown·tasks	4836	-·name:·Set·architecture·for·audit·chown·tasks
4837	··set_fact:	4837	··set_fact:
4838	····audit_arch:·b64	4838	····audit_arch:·b64
4839	··when:	4839	··when:
4840	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4841	··-·'"auditd"·in·ansible_facts.packages'	4840	··-·'"auditd"·in·ansible_facts.packages'
		4841	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4842	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture	4842	··-·ansible_architecture·==·"aarch64"·or·ansible_architecture·==·"ppc64"·or·ansible_architecture
4843	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"	4843	····==·"ppc64le"·or·ansible_architecture·==·"s390x"·or·ansible_architecture·==·"x86_64"
4844	··tags:	4844	··tags:
4845	··-·CJIS-5.4.1.1	4845	··-·CJIS-5.4.1.1
4846	··-·DISA-STIG-UBTU-20-010148	4846	··-·DISA-STIG-UBTU-20-010148
4847	··-·NIST-800-171-3.1.7	4847	··-·NIST-800-171-3.1.7
4848	··-·NIST-800-53-AU-12(c)	4848	··-·NIST-800-53-AU-12(c)
Offset 4982, 16 lines modified		Offset 4982, 16 lines modified
4982	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	4982	······line:·-a·always,exit·-F·arch=b32·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
4983	········-F·auid!=unset·-F·key=perm_mod	4983	········-F·auid!=unset·-F·key=perm_mod
4984	······create:·true	4984	······create:·true
4985	······mode:·o-rwx	4985	······mode:·o-rwx
4986	······state:·present	4986	······state:·present
4987	····when:·syscalls_found·\|·length·==·0	4987	····when:·syscalls_found·\|·length·==·0
4988	··when:	4988	··when:
4989	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4990	··-·'"auditd"·in·ansible_facts.packages'	4989	··-·'"auditd"·in·ansible_facts.packages'
		4990	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
4991	··tags:	4991	··tags:
4992	··-·CJIS-5.4.1.1	4992	··-·CJIS-5.4.1.1
4993	··-·DISA-STIG-UBTU-20-010148	4993	··-·DISA-STIG-UBTU-20-010148
4994	··-·NIST-800-171-3.1.7	4994	··-·NIST-800-171-3.1.7
4995	··-·NIST-800-53-AU-12(c)	4995	··-·NIST-800-53-AU-12(c)
4996	··-·NIST-800-53-AU-2(d)	4996	··-·NIST-800-53-AU-2(d)
4997	··-·NIST-800-53-CM-6(a)	4997	··-·NIST-800-53-CM-6(a)
Offset 5128, 16 lines modified		Offset 5128, 16 lines modified
5128	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000	5128	······line:·-a·always,exit·-F·arch=b64·-S·{{·syscalls·\|·join(',')·}}·-F·auid>=1000
Max diff block lines reached; 196721/202492 bytes (97.15%) of diff not shown.


Offset 38072, 24 lines modified		Offset 38072, 24 lines modified
00094b70:·683e·5374·7261·7465·6779·3a3c·2f74·683e··h>Strategy:</th>		00094b70:·683e·5374·7261·7465·6779·3a3c·2f74·683e··h>Strategy:</th>
00094b80:·3c74·643e·636f·6e66·6967·7572·653c·2f74··<td>configure</t		00094b80:·3c74·643e·636f·6e66·6967·7572·653c·2f74··<td>configure</t
00094b90:·643e·3c2f·7472·3e3c·2f74·6162·6c65·3e3c··d></tr></table><		00094b90:·643e·3c2f·7472·3e3c·2f74·6162·6c65·3e3c··d></tr></table><
00094ba0:·7072·653e·3c63·6f64·653e·2320·5265·6d65··pre><code>#·Reme		00094ba0:·7072·653e·3c63·6f64·653e·2320·5265·6d65··pre><code>#·Reme
00094bb0:·6469·6174·696f·6e20·6973·2061·7070·6c69··diation·is·appli		00094bb0:·6469·6174·696f·6e20·6973·2061·7070·6c69··diation·is·appli
00094bc0:·6361·626c·6520·6f6e·6c79·2069·6e20·6365··cable·only·in·ce		00094bc0:·6361·626c·6520·6f6e·6c79·2069·6e20·6365··cable·only·in·ce
00094bd0:·7274·6169·6e20·706c·6174·666f·726d·730a··rtain·platforms.		00094bd0:·7274·6169·6e20·706c·6174·666f·726d·730a··rtain·platforms.
		00094be0:·6966·205b·2021·202d·6620·2f73·7973·2f66··if·[·!·-f·/sys/f
00094be0:·6966·2064·706b·672d·7175·6572·7920·2d2d··if·dpkg-query·--
00094bf0:·7368·6f77·202d·2d73·686f·7766·6f72·6d61··show·--showforma
00094c00:·743d·2724·7b64·623a·5374·6174·7573·2d53··t='${db:Status-S
00094c10:·7461·7475·737d·5c6e·2720·2767·7275·6232··tatus}\n'·'grub2
00094c20:·2d63·6f6d·6d6f·6e27·2032·2667·743b·2f64··-common'·2>/d
00094c30:·6576·2f6e·756c·6c20·7c20·6772·6570·202d··ev/null·\|·grep·-
00094c40:·7120·696e·7374·616c·6c65·6420·2661·6d70··q·installed·&amp
00094c50:·3b26·616d·703b·205b·2021·202d·6620·2f73··;&·[·!·-f·/s
00094c60:~~·7973·2f66~~·6972·6d77·6172·652f·6566·6920··~~ys/f~~irmware/efi·		00094bf0:·6972·6d77·6172·652f·6566·6920·5d20·2661··irmware/efi·]·&a
		00094c00:·6d70·3b26·616d·703b·2064·706b·672d·7175··mp;&·dpkg-qu
		00094c10:·6572·7920·2d2d·7368·6f77·202d·2d73·686f··ery·--show·--sho
		00094c20:·7766·6f72·6d61·743d·2724·7b64·623a·5374··wformat='${db:St
		00094c30:·6174·7573·2d53·7461·7475·737d·5c6e·2720··atus-Status}\n'·
		00094c40:·2767·7275·6232·2d63·6f6d·6d6f·6e27·2032··'grub2-common'·2
		00094c50:·2667·743b·2f64·6576·2f6e·756c·6c20·7c20··>/dev/null·\|·
		00094c60:·6772·6570·202d·7120·696e·7374·616c·6c65··grep·-q·installe
00094c70:·5d20·2661·6d70·3b26·616d·703b·207b·205b··]·&&·{·[		00094c70:·6420·2661·6d70·3b26·616d·703b·207b·205b··d·&&·{·[
00094c80:·2021·202d·6620·2f2e·646f·636b·6572·656e···!·-f·/.dockeren		00094c80:·2021·202d·6620·2f2e·646f·636b·6572·656e···!·-f·/.dockeren
00094c90:·7620·5d20·2661·6d70·3b26·616d·703b·205b··v·]·&&·[		00094c90:·7620·5d20·2661·6d70·3b26·616d·703b·205b··v·]·&&·[
00094ca0:·2021·202d·6620·2f72·756e·2f2e·636f·6e74···!·-f·/run/.cont		00094ca0:·2021·202d·6620·2f72·756e·2f2e·636f·6e74···!·-f·/run/.cont
00094cb0:·6169·6e65·7265·6e76·205d·3b20·7d3b·2074··ainerenv·];·};·t		00094cb0:·6169·6e65·7265·6e76·205d·3b20·7d3b·2074··ainerenv·];·};·t
00094cc0:·6865·6e0a·0a63·686f·776e·2030·202f·626f··hen..chown·0·/bo		00094cc0:·6865·6e0a·0a63·686f·776e·2030·202f·626f··hen..chown·0·/bo
00094cd0:·6f74·2f67·7275·622f·6772·7562·2e63·6667··ot/grub/grub.cfg		00094cd0:·6f74·2f67·7275·622f·6772·7562·2e63·6667··ot/grub/grub.cfg
00094ce0:·0a0a·656c·7365·0a20·2020·2026·6774·3b26··..else.····>&		00094ce0:·0a0a·656c·7365·0a20·2020·2026·6774·3b26··..else.····>&
Offset 38150, 22 lines modified		Offset 38150, 22 lines modified
00095050:·2054·6573·7420·666f·7220·6578·6973·7465···Test·for·existe		00095050:·2054·6573·7420·666f·7220·6578·6973·7465···Test·for·existe
00095060:·6e63·6520·2f62·6f6f·742f·6772·7562·2f67··nce·/boot/grub/g		00095060:·6e63·6520·2f62·6f6f·742f·6772·7562·2f67··nce·/boot/grub/g
00095070:·7275·622e·6366·670a·2020·7374·6174·3a0a··rub.cfg.··stat:.		00095070:·7275·622e·6366·670a·2020·7374·6174·3a0a··rub.cfg.··stat:.
00095080:·2020·2020·7061·7468·3a20·2f62·6f6f·742f······path:·/boot/		00095080:·2020·2020·7061·7468·3a20·2f62·6f6f·742f······path:·/boot/
00095090:·6772·7562·2f67·7275·622e·6366·670a·2020··grub/grub.cfg.··		00095090:·6772·7562·2f67·7275·622e·6366·670a·2020··grub/grub.cfg.··
000950a0:·7265·6769·7374·6572·3a20·6669·6c65·5f65··register:·file_e		000950a0:·7265·6769·7374·6572·3a20·6669·6c65·5f65··register:·file_e
000950b0:·7869·7374·730a·2020·7768·656e·3a0a·2020··xists.··when:.··		000950b0:·7869·7374·730a·2020·7768·656e·3a0a·2020··xists.··when:.··
000950c0:·2d20·2722·6772·7562·322d·636f·6d6d·6f6e··-·'"grub2-common
000950d0:·2220·696e·2061·6e73·6962·6c65·5f66·6163··"·in·ansible_fac
000950e0:·7473·2e70·6163·6b61·6765·7327·0a20·202d··ts.packages'.··-
000950f0:·2027·222f·626f·6f74·2f65·6669·2220·6e6f···'"/boot/efi"·no
00095100:·7420·696e·2061·6e73·6962·6c65·5f6d·6f75··t·in·ansible_mou
00095110:·6e74·7320·7c20·6d61·7028·6174·7472·6962··nts·\|·map(attrib
00095120:·~~7574~~·~~653d~~·226d·6f75·~~6e74~~·~~2229~~·~~207c~~·206c··~~ute="m~~o~~unt")·\|~~·l		000950c0:·2d20·2722·2f62·6f6f·742f·6566·6922·206e··-·'"/boot/efi"·n
		000950d0:·6f74·2069·6e20·616e·7369·626c·655f·6d6f··ot·in·ansible_mo
		000950e0:·756e·7473·207c·206d·6170·2861·7474·7269··unts·\|·map(attri
		000950f0:·6275·7465·3d22·6d6f·756e·7422·2920·7c20··bute="mount")·\|·
		00095100:·6c69·7374·270a·2020·2d20·2722·6772·7562··list'.··-·'"grub
		00095110:·322d·636f·6d6d·6f6e·2220·696e·2061·6e73··2-common"·in·ans
		00095120:·6962·6c65·5f66·6163·7473·2e70·6163·6b61··ible_facts.packa
00095130:·6~~973~~·7427·0a20·202d·2061·6e73·6962·6c65··~~ist~~'.··-·ansible		00095130:·6765·7327·0a20·202d·2061·6e73·6962·6c65··ges'.··-·ansible
00095140:·5f76·6972·7475·616c·697a·6174·696f·6e5f··_virtualization_		00095140:·5f76·6972·7475·616c·697a·6174·696f·6e5f··_virtualization_
00095150:·7479·7065·206e·6f74·2069·6e20·5b22·646f··type·not·in·["do		00095150:·7479·7065·206e·6f74·2069·6e20·5b22·646f··type·not·in·["do
00095160:·636b·6572·222c·2022·6c78·6322·2c20·226f··cker",·"lxc",·"o		00095160:·636b·6572·222c·2022·6c78·6322·2c20·226f··cker",·"lxc",·"o
00095170:·7065·6e76·7a22·2c20·2270·6f64·6d61·6e22··penvz",·"podman"		00095170:·7065·6e76·7a22·2c20·2270·6f64·6d61·6e22··penvz",·"podman"
00095180:·2c20·2263·6f6e·7461·696e·6572·225d·0a20··,·"container"].·		00095180:·2c20·2263·6f6e·7461·696e·6572·225d·0a20··,·"container"].·
00095190:·2074·6167·733a·0a20·202d·2043·4a49·532d···tags:.··-·CJIS-		00095190:·2074·6167·733a·0a20·202d·2043·4a49·532d···tags:.··-·CJIS-
000951a0:·352e·352e·322e·320a·2020·2d20·4e49·5354··5.5.2.2.··-·NIST		000951a0:·352e·352e·322e·320a·2020·2d20·4e49·5354··5.5.2.2.··-·NIST
Offset 38185, 22 lines modified		Offset 38185, 22 lines modified
00095280:·640a·0a2d·206e·616d·653a·2045·6e73·7572··d..-·name:·Ensur		00095280:·640a·0a2d·206e·616d·653a·2045·6e73·7572··d..-·name:·Ensur
00095290:·6520·6f77·6e65·7220·3020·6f6e·202f·626f··e·owner·0·on·/bo		00095290:·6520·6f77·6e65·7220·3020·6f6e·202f·626f··e·owner·0·on·/bo
000952a0:·6f74·2f67·7275·622f·6772·7562·2e63·6667··ot/grub/grub.cfg		000952a0:·6f74·2f67·7275·622f·6772·7562·2e63·6667··ot/grub/grub.cfg
000952b0:·0a20·2066·696c·653a·0a20·2020·2070·6174··.··file:.····pat		000952b0:·0a20·2066·696c·653a·0a20·2020·2070·6174··.··file:.····pat
000952c0:·683a·202f·626f·6f74·2f67·7275·622f·6772··h:·/boot/grub/gr		000952c0:·683a·202f·626f·6f74·2f67·7275·622f·6772··h:·/boot/grub/gr
000952d0:·7562·2e63·6667·0a20·2020·206f·776e·6572··ub.cfg.····owner		000952d0:·7562·2e63·6667·0a20·2020·206f·776e·6572··ub.cfg.····owner
000952e0:·3a20·2730·270a·2020·7768·656e·3a0a·2020··:·'0'.··when:.··		000952e0:·3a20·2730·270a·2020·7768·656e·3a0a·2020··:·'0'.··when:.··
000952f0:·2d20·2722·6772·7562·322d·636f·6d6d·6f6e··-·'"grub2-common
00095300:·2220·696e·2061·6e73·6962·6c65·5f66·6163··"·in·ansible_fac
00095310:·7473·2e70·6163·6b61·6765·7327·0a20·202d··ts.packages'.··-
00095320:·2027·222f·626f·6f74·2f65·6669·2220·6e6f···'"/boot/efi"·no
00095330:·7420·696e·2061·6e73·6962·6c65·5f6d·6f75··t·in·ansible_mou
00095340:·6e74·7320·7c20·6d61·7028·6174·7472·6962··nts·\|·map(attrib
00095350:·~~7574~~·~~653d~~·226d·6f75·~~6e74~~·~~2229~~·~~207c~~·206c··~~ute="m~~o~~unt")·\|~~·l		000952f0:·2d20·2722·2f62·6f6f·742f·6566·6922·206e··-·'"/boot/efi"·n
		00095300:·6f74·2069·6e20·616e·7369·626c·655f·6d6f··ot·in·ansible_mo
		00095310:·756e·7473·207c·206d·6170·2861·7474·7269··unts·\|·map(attri
		00095320:·6275·7465·3d22·6d6f·756e·7422·2920·7c20··bute="mount")·\|·
		00095330:·6c69·7374·270a·2020·2d20·2722·6772·7562··list'.··-·'"grub
		00095340:·322d·636f·6d6d·6f6e·2220·696e·2061·6e73··2-common"·in·ans
		00095350:·6962·6c65·5f66·6163·7473·2e70·6163·6b61··ible_facts.packa
00095360:·6~~973~~·7427·0a20·202d·2061·6e73·6962·6c65··~~ist~~'.··-·ansible		00095360:·6765·7327·0a20·202d·2061·6e73·6962·6c65··ges'.··-·ansible
00095370:·5f76·6972·7475·616c·697a·6174·696f·6e5f··_virtualization_		00095370:·5f76·6972·7475·616c·697a·6174·696f·6e5f··_virtualization_
00095380:·7479·7065·206e·6f74·2069·6e20·5b22·646f··type·not·in·["do		00095380:·7479·7065·206e·6f74·2069·6e20·5b22·646f··type·not·in·["do
00095390:·636b·6572·222c·2022·6c78·6322·2c20·226f··cker",·"lxc",·"o		00095390:·636b·6572·222c·2022·6c78·6322·2c20·226f··cker",·"lxc",·"o
000953a0:·7065·6e76·7a22·2c20·2270·6f64·6d61·6e22··penvz",·"podman"		000953a0:·7065·6e76·7a22·2c20·2270·6f64·6d61·6e22··penvz",·"podman"
000953b0:·2c20·2263·6f6e·7461·696e·6572·225d·0a20··,·"container"].·		000953b0:·2c20·2263·6f6e·7461·696e·6572·225d·0a20··,·"container"].·
000953c0:·202d·2066·696c·655f·6578·6973·7473·2e73···-·file_exists.s		000953c0:·202d·2066·696c·655f·6578·6973·7473·2e73···-·file_exists.s
000953d0:·7461·7420·6973·2064·6566·696e·6564·2061··tat·is·defined·a		000953d0:·7461·7420·6973·2064·6566·696e·6564·2061··tat·is·defined·a
Offset 38642, 24 lines modified		Offset 38642, 24 lines modified
00096f10:·3e3c·7468·3e53·7472·6174·6567·793a·3c2f··><th>Strategy:</		00096f10:·3e3c·7468·3e53·7472·6174·6567·793a·3c2f··><th>Strategy:</
00096f20:·7468·3e3c·7464·3e63·6f6e·6669·6775·7265··th><td>configure		00096f20:·7468·3e3c·7464·3e63·6f6e·6669·6775·7265··th><td>configure
00096f30:·3c2f·7464·3e3c·2f74·723e·3c2f·7461·626c··</td></tr></tabl		00096f30:·3c2f·7464·3e3c·2f74·723e·3c2f·7461·626c··</td></tr></tabl
00096f40:·653e·3c70·7265·3e3c·636f·6465·3e23·2052··e><pre><code>#·R		00096f40:·653e·3c70·7265·3e3c·636f·6465·3e23·2052··e><pre><code>#·R
00096f50:·656d·6564·6961·7469·6f6e·2069·7320·6170··emediation·is·ap		00096f50:·656d·6564·6961·7469·6f6e·2069·7320·6170··emediation·is·ap
00096f60:·706c·6963·6162·6c65·206f·6e6c·7920·696e··plicable·only·in		00096f60:·706c·6963·6162·6c65·206f·6e6c·7920·696e··plicable·only·in
00096f70:·2063·6572·7461·696e·2070·6c61·7466·6f72···certain·platfor		00096f70:·2063·6572·7461·696e·2070·6c61·7466·6f72···certain·platfor
		00096f80:·6d73·0a69·6620·5b20·2120·2d66·202f·7379··ms.if·[·!·-f·/sy
00096f80:·6d73·0a69·6620·6470·6b67·2d71·7565·7279··ms.if·dpkg-query
00096f90:·202d·2d73·686f·7720·2d2d·7368·6f77·666f···--show·--showfo
00096fa0:·726d·6174·3d27·247b·6462·3a53·7461·7475··rmat='${db:Statu
00096fb0:·732d·5374·6174·7573·7d5c·6e27·2027·6772··s-Status}\n'·'gr
00096fc0:·7562·322d·636f·6d6d·6f6e·2720·3226·6774··ub2-common'·2&gt
00096fd0:·3b2f·6465·762f·6e75·6c6c·207c·2067·7265··;/dev/null·\|·gre
00096fe0:·7020·2d71·2069·6e73·7461·6c6c·6564·2026··p·-q·installed·&
00096ff0:·616d·703b·2661·6d70·3b20·5b20·2120·2d66··amp;&·[·!·-f
0009~~700~~0:~~·202f·7379~~·732f·6669·726d·7761·7265·2f65··~~·/sy~~s/firmware/e		00096f90:·732f·6669·726d·7761·7265·2f65·6669·205d··s/firmware/efi·]
		00096fa0:·2026·616d·703b·2661·6d70·3b20·6470·6b67···&&·dpkg
		00096fb0:·2d71·7565·7279·202d·2d73·686f·7720·2d2d··-query·--show·--
		00096fc0:·7368·6f77·666f·726d·6174·3d27·247b·6462··showformat='${db
		00096fd0:·3a53·7461·7475·732d·5374·6174·7573·7d5c··:Status-Status}\
		00096fe0:·6e27·2027·6772·7562·322d·636f·6d6d·6f6e··n'·'grub2-common
		00096ff0:·2720·3226·6774·3b2f·6465·762f·6e75·6c6c··'·2>/dev/null
		00097000:·207c·2067·7265·7020·2d71·2069·6e73·7461···\|·grep·-q·insta
00097010:·6669·~~205d~~·2026·616d·703b·2661·6d70·3b20··~~fi·]~~·&&·		00097010:·6c6c·6564·2026·616d·703b·2661·6d70·3b20··lled·&&·
00097020:·7b20·5b20·2120·2d66·202f·2e64·6f63·6b65··{·[·!·-f·/.docke		00097020:·7b20·5b20·2120·2d66·202f·2e64·6f63·6b65··{·[·!·-f·/.docke
00097030:·7265·6e76·205d·2026·616d·703b·2661·6d70··renv·]·&&amp		00097030:·7265·6e76·205d·2026·616d·703b·2661·6d70··renv·]·&&amp
00097040:·3b20·5b20·2120·2d66·202f·7275·6e2f·2e63··;·[·!·-f·/run/.c		00097040:·3b20·5b20·2120·2d66·202f·7275·6e2f·2e63··;·[·!·-f·/run/.c
00097050:·6f6e·7461·696e·6572·656e·7620·5d3b·207d··ontainerenv·];·}		00097050:·6f6e·7461·696e·6572·656e·7620·5d3b·207d··ontainerenv·];·}
00097060:·3b20·7468·656e·0a0a·6368·6d6f·6420·752d··;·then..chmod·u-		00097060:·3b20·7468·656e·0a0a·6368·6d6f·6420·752d··;·then..chmod·u-
00097070:·7873·2c67·2d78·7772·732c·6f2d·7877·7274··xs,g-xwrs,o-xwrt		00097070:·7873·2c67·2d78·7772·732c·6f2d·7877·7274··xs,g-xwrs,o-xwrt
00097080:·202f·626f·6f74·2f67·7275·622f·6772·7562···/boot/grub/grub		00097080:·202f·626f·6f74·2f67·7275·622f·6772·7562···/boot/grub/grub
Offset 38719, 22 lines modified		Offset 38719, 22 lines modified
000973e0:·6e61·6d65·3a20·5465·7374·2066·6f72·2065··name:·Test·for·e		000973e0:·6e61·6d65·3a20·5465·7374·2066·6f72·2065··name:·Test·for·e
000973f0:·7869·7374·656e·6365·202f·626f·6f74·2f67··xistence·/boot/g		000973f0:·7869·7374·656e·6365·202f·626f·6f74·2f67··xistence·/boot/g
00097400:·7275·622f·6772·7562·2e63·6667·0a20·2073··rub/grub.cfg.··s		00097400:·7275·622f·6772·7562·2e63·6667·0a20·2073··rub/grub.cfg.··s
Max diff block lines reached; 33342/42580 bytes (78.30%) of diff not shown.


Offset 3133, 16 lines modified		Offset 3133, 16 lines modified
3133	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,	3133	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,
3134	············Req-7.1,·1.5.2	3134	············Req-7.1,·1.5.2
3135	Remediation_Shell_script_⇲	3135	Remediation_Shell_script_⇲
3136	Complexity:·low	3136	Complexity:·low
3137	Disruption:·low	3137	Disruption:·low
3138	Strategy:···configure	3138	Strategy:···configure
3139	#·Remediation·is·applicable·only·in·certain·platforms	3139	#·Remediation·is·applicable·only·in·certain·platforms
3140	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/~~null·\|·grep·-q·installed·&&·[·!~~	3140	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/
3141	-f·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	3141	null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

3142	chown·0·/boot/grub/grub.cfg	3142	chown·0·/boot/grub/grub.cfg

3143	else	3143	else
3144	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	3144	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
3145	fi	3145	fi
3146	Remediation_Ansible_snippet_⇲	3146	Remediation_Ansible_snippet_⇲
Offset 3166, 16 lines modified		Offset 3166, 16 lines modified
3166	··-·no_reboot_needed	3166	··-·no_reboot_needed

3167	-·name:·Test·for·existence·/boot/grub/grub.cfg	3167	-·name:·Test·for·existence·/boot/grub/grub.cfg
3168	··stat:	3168	··stat:
3169	····path:·/boot/grub/grub.cfg	3169	····path:·/boot/grub/grub.cfg
3170	··register:·file_exists	3170	··register:·file_exists
3171	··when:	3171	··when:
3172	··-·'"grub2-common"·in·ansible_facts.packages'
3173	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3172	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3173	··-·'"grub2-common"·in·ansible_facts.packages'
3174	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3174	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3175	··tags:	3175	··tags:
3176	··-·CJIS-5.5.2.2	3176	··-·CJIS-5.5.2.2
3177	··-·NIST-800-171-3.4.5	3177	··-·NIST-800-171-3.4.5
3178	··-·NIST-800-53-AC-6(1)	3178	··-·NIST-800-53-AC-6(1)
3179	··-·NIST-800-53-CM-6(a)	3179	··-·NIST-800-53-CM-6(a)
3180	··-·PCI-DSS-Req-7.1	3180	··-·PCI-DSS-Req-7.1
Offset 3187, 16 lines modified		Offset 3187, 16 lines modified
3187	··-·no_reboot_needed	3187	··-·no_reboot_needed

3188	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	3188	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
3189	··file:	3189	··file:
3190	····path:·/boot/grub/grub.cfg	3190	····path:·/boot/grub/grub.cfg
3191	····owner:·'0'	3191	····owner:·'0'
3192	··when:	3192	··when:
3193	··-·'"grub2-common"·in·ansible_facts.packages'
3194	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3193	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3194	··-·'"grub2-common"·in·ansible_facts.packages'
3195	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3195	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3196	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	3196	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
3197	··tags:	3197	··tags:
3198	··-·CJIS-5.5.2.2	3198	··-·CJIS-5.5.2.2
3199	··-·NIST-800-171-3.4.5	3199	··-·NIST-800-171-3.4.5
3200	··-·NIST-800-53-AC-6(1)	3200	··-·NIST-800-53-AC-6(1)
3201	··-·NIST-800-53-CM-6(a)	3201	··-·NIST-800-53-CM-6(a)
Offset 3222, 16 lines modified		Offset 3222, 16 lines modified
3222	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),	3222	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),
3223	············PR.AC-4,·PR.DS-5,·1.5.2	3223	············PR.AC-4,·PR.DS-5,·1.5.2
3224	Remediation_Shell_script_⇲	3224	Remediation_Shell_script_⇲
3225	Complexity:·low	3225	Complexity:·low
3226	Disruption:·low	3226	Disruption:·low
3227	Strategy:···configure	3227	Strategy:···configure
3228	#·Remediation·is·applicable·only·in·certain·platforms	3228	#·Remediation·is·applicable·only·in·certain·platforms
3229	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>~~/dev~~/~~null·\|·grep·-q·installed·&&~~	3229	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/
3230	~~[·!·-f~~·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	3230	dev/null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

3231	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg	3231	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg

3232	else	3232	else
3233	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	3233	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
3234	fi	3234	fi
3235	Remediation_Ansible_snippet_⇲	3235	Remediation_Ansible_snippet_⇲
Offset 3253, 16 lines modified		Offset 3253, 16 lines modified
3253	··-·no_reboot_needed	3253	··-·no_reboot_needed

3254	-·name:·Test·for·existence·/boot/grub/grub.cfg	3254	-·name:·Test·for·existence·/boot/grub/grub.cfg
3255	··stat:	3255	··stat:
3256	····path:·/boot/grub/grub.cfg	3256	····path:·/boot/grub/grub.cfg
3257	··register:·file_exists	3257	··register:·file_exists
3258	··when:	3258	··when:
3259	··-·'"grub2-common"·in·ansible_facts.packages'
3260	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3259	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3260	··-·'"grub2-common"·in·ansible_facts.packages'
3261	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3261	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3262	··tags:	3262	··tags:
3263	··-·NIST-800-171-3.4.5	3263	··-·NIST-800-171-3.4.5
3264	··-·NIST-800-53-AC-6(1)	3264	··-·NIST-800-53-AC-6(1)
3265	··-·NIST-800-53-CM-6(a)	3265	··-·NIST-800-53-CM-6(a)
3266	··-·configure_strategy	3266	··-·configure_strategy
3267	··-·file_permissions_grub2_cfg	3267	··-·file_permissions_grub2_cfg
Offset 3272, 16 lines modified		Offset 3272, 16 lines modified
3272	··-·no_reboot_needed	3272	··-·no_reboot_needed

3273	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	3273	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
3274	··file:	3274	··file:
3275	····path:·/boot/grub/grub.cfg	3275	····path:·/boot/grub/grub.cfg
3276	····mode:·u-xs,g-xwrs,o-xwrt	3276	····mode:·u-xs,g-xwrs,o-xwrt
3277	··when:	3277	··when:
3278	··-·'"grub2-common"·in·ansible_facts.packages'
3279	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3278	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3279	··-·'"grub2-common"·in·ansible_facts.packages'
3280	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3280	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3281	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	3281	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
3282	··tags:	3282	··tags:
3283	··-·NIST-800-171-3.4.5	3283	··-·NIST-800-171-3.4.5
3284	··-·NIST-800-53-AC-6(1)	3284	··-·NIST-800-53-AC-6(1)
3285	··-·NIST-800-53-CM-6(a)	3285	··-·NIST-800-53-CM-6(a)
3286	··-·configure_strategy	3286	··-·configure_strategy
Offset 10517, 14 lines modified		Offset 10517, 30 lines modified
10517	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,	10517	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,
10518	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,	10518	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,
10519	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,	10519	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,
10520	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR	10520	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR
10521	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,	10521	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,
10522	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,	10522	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,
10523	············2.2.3	10523	············2.2.3
		10524	Remediation_OSBuild_Blueprint_snippet_⇲

		10525	[customizations.services]
		10526	disabled·=·["avahi-daemon"]
		10527	Remediation_Puppet_snippet_⇲
		10528	Complexity:·low
		10529	Disruption:·low
		10530	Strategy:···enable
		10531	include·disable_avahi-daemon

		10532	class·disable_avahi-daemon·{
		10533	··service·{'avahi-daemon':
		10534	····enable·=>·false,
		10535	····ensure·=>·'stopped',
Max diff block lines reached; 2796/7875 bytes (35.50%) of diff not shown.


Offset 39621, 24 lines modified		Offset 39621, 24 lines modified
0009ac40:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th		0009ac40:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th
0009ac50:·3e3c·7464·3e63·6f6e·6669·6775·7265·3c2f··><td>configure</		0009ac50:·3e3c·7464·3e63·6f6e·6669·6775·7265·3c2f··><td>configure</
0009ac60:·7464·3e3c·2f74·723e·3c2f·7461·626c·653e··td></tr></table>		0009ac60:·7464·3e3c·2f74·723e·3c2f·7461·626c·653e··td></tr></table>
0009ac70:·3c70·7265·3e3c·636f·6465·3e23·2052·656d··<pre><code>#·Rem		0009ac70:·3c70·7265·3e3c·636f·6465·3e23·2052·656d··<pre><code>#·Rem
0009ac80:·6564·6961·7469·6f6e·2069·7320·6170·706c··ediation·is·appl		0009ac80:·6564·6961·7469·6f6e·2069·7320·6170·706c··ediation·is·appl
0009ac90:·6963·6162·6c65·206f·6e6c·7920·696e·2063··icable·only·in·c		0009ac90:·6963·6162·6c65·206f·6e6c·7920·696e·2063··icable·only·in·c
0009aca0:·6572·7461·696e·2070·6c61·7466·6f72·6d73··ertain·platforms		0009aca0:·6572·7461·696e·2070·6c61·7466·6f72·6d73··ertain·platforms
		0009acb0:·0a69·6620·5b20·2120·2d66·202f·7379·732f··.if·[·!·-f·/sys/
0009acb0:·0a69·6620·6470·6b67·2d71·7565·7279·202d··.if·dpkg-query·-
0009acc0:·2d73·686f·7720·2d2d·7368·6f77·666f·726d··-show·--showform
0009acd0:·6174·3d27·247b·6462·3a53·7461·7475·732d··at='${db:Status-
0009ace0:·5374·6174·7573·7d5c·6e27·2027·6772·7562··Status}\n'·'grub
0009acf0:·322d·636f·6d6d·6f6e·2720·3226·6774·3b2f··2-common'·2>/
0009ad00:·6465·762f·6e75·6c6c·207c·2067·7265·7020··dev/null·\|·grep·
0009ad10:·2d71·2069·6e73·7461·6c6c·6564·2026·616d··-q·installed·&am
0009ad20:·703b·2661·6d70·3b20·5b20·2120·2d66·202f··p;&·[·!·-f·/
0009ad30:~~·7379·732f~~·6669·726d·7761·7265·2f65·6669··~~sys/~~firmware/efi		0009acc0:·6669·726d·7761·7265·2f65·6669·205d·2026··firmware/efi·]·&
		0009acd0:·616d·703b·2661·6d70·3b20·6470·6b67·2d71··amp;&·dpkg-q
		0009ace0:·7565·7279·202d·2d73·686f·7720·2d2d·7368··uery·--show·--sh
		0009acf0:·6f77·666f·726d·6174·3d27·247b·6462·3a53··owformat='${db:S
		0009ad00:·7461·7475·732d·5374·6174·7573·7d5c·6e27··tatus-Status}\n'
		0009ad10:·2027·6772·7562·322d·636f·6d6d·6f6e·2720···'grub2-common'·
		0009ad20:·3226·6774·3b2f·6465·762f·6e75·6c6c·207c··2>/dev/null·\|
		0009ad30:·2067·7265·7020·2d71·2069·6e73·7461·6c6c···grep·-q·install
0009ad40:·~~205d~~·2026·616d·703b·2661·6d70·3b20·7b20···]·&&·{·		0009ad40:·6564·2026·616d·703b·2661·6d70·3b20·7b20··ed·&&·{·
0009ad50:·5b20·2120·2d66·202f·2e64·6f63·6b65·7265··[·!·-f·/.dockere		0009ad50:·5b20·2120·2d66·202f·2e64·6f63·6b65·7265··[·!·-f·/.dockere
0009ad60:·6e76·205d·2026·616d·703b·2661·6d70·3b20··nv·]·&&·		0009ad60:·6e76·205d·2026·616d·703b·2661·6d70·3b20··nv·]·&&·
0009ad70:·5b20·2120·2d66·202f·7275·6e2f·2e63·6f6e··[·!·-f·/run/.con		0009ad70:·5b20·2120·2d66·202f·7275·6e2f·2e63·6f6e··[·!·-f·/run/.con
0009ad80:·7461·696e·6572·656e·7620·5d3b·207d·3b20··tainerenv·];·};·		0009ad80:·7461·696e·6572·656e·7620·5d3b·207d·3b20··tainerenv·];·};·
0009ad90:·7468·656e·0a0a·6368·6f77·6e20·3020·2f62··then..chown·0·/b		0009ad90:·7468·656e·0a0a·6368·6f77·6e20·3020·2f62··then..chown·0·/b
0009ada0:·6f6f·742f·6772·7562·2f67·7275·622e·6366··oot/grub/grub.cf		0009ada0:·6f6f·742f·6772·7562·2f67·7275·622e·6366··oot/grub/grub.cf
0009adb0:·670a·0a65·6c73·650a·2020·2020·2667·743b··g..else.····>		0009adb0:·670a·0a65·6c73·650a·2020·2020·2667·743b··g..else.····>
Offset 39699, 22 lines modified		Offset 39699, 22 lines modified
0009b120:·3a20·5465·7374·2066·6f72·2065·7869·7374··:·Test·for·exist		0009b120:·3a20·5465·7374·2066·6f72·2065·7869·7374··:·Test·for·exist
0009b130:·656e·6365·202f·626f·6f74·2f67·7275·622f··ence·/boot/grub/		0009b130:·656e·6365·202f·626f·6f74·2f67·7275·622f··ence·/boot/grub/
0009b140:·6772·7562·2e63·6667·0a20·2073·7461·743a··grub.cfg.··stat:		0009b140:·6772·7562·2e63·6667·0a20·2073·7461·743a··grub.cfg.··stat:
0009b150:·0a20·2020·2070·6174·683a·202f·626f·6f74··.····path:·/boot		0009b150:·0a20·2020·2070·6174·683a·202f·626f·6f74··.····path:·/boot
0009b160:·2f67·7275·622f·6772·7562·2e63·6667·0a20··/grub/grub.cfg.·		0009b160:·2f67·7275·622f·6772·7562·2e63·6667·0a20··/grub/grub.cfg.·
0009b170:·2072·6567·6973·7465·723a·2066·696c·655f···register:·file_		0009b170:·2072·6567·6973·7465·723a·2066·696c·655f···register:·file_
0009b180:·6578·6973·7473·0a20·2077·6865·6e3a·0a20··exists.··when:.·		0009b180:·6578·6973·7473·0a20·2077·6865·6e3a·0a20··exists.··when:.·
0009b190:·202d·2027·2267·7275·6232·2d63·6f6d·6d6f···-·'"grub2-commo
0009b1a0:·6e22·2069·6e20·616e·7369·626c·655f·6661··n"·in·ansible_fa
0009b1b0:·6374·732e·7061·636b·6167·6573·270a·2020··cts.packages'.··
0009b1c0:·2d20·2722·2f62·6f6f·742f·6566·6922·206e··-·'"/boot/efi"·n
0009b1d0:·6f74·2069·6e20·616e·7369·626c·655f·6d6f··ot·in·ansible_mo
0009b1e0:·756e·7473·207c·206d·6170·2861·7474·7269··unts·\|·map(attri
0009b1f0:·~~6275~~·~~7465~~·3d22·6d6f·~~756e~~·~~7422~~·~~2920~~·7c20··~~bute="m~~o~~unt")·\|~~·		0009b190:·202d·2027·222f·626f·6f74·2f65·6669·2220···-·'"/boot/efi"·
		0009b1a0:·6e6f·7420·696e·2061·6e73·6962·6c65·5f6d··not·in·ansible_m
		0009b1b0:·6f75·6e74·7320·7c20·6d61·7028·6174·7472··ounts·\|·map(attr
		0009b1c0:·6962·7574·653d·226d·6f75·6e74·2229·207c··ibute="mount")·\|
		0009b1d0:·206c·6973·7427·0a20·202d·2027·2267·7275···list'.··-·'"gru
		0009b1e0:·6232·2d63·6f6d·6d6f·6e22·2069·6e20·616e··b2-common"·in·an
		0009b1f0:·7369·626c·655f·6661·6374·732e·7061·636b··sible_facts.pack
0009b200:·6c69·7374·270a·2020·2d20·616e·7369·626c··~~list~~'.··-·ansibl		0009b200:·6167·6573·270a·2020·2d20·616e·7369·626c··ages'.··-·ansibl
0009b210:·655f·7669·7274·7561·6c69·7a61·7469·6f6e··e_virtualization		0009b210:·655f·7669·7274·7561·6c69·7a61·7469·6f6e··e_virtualization
0009b220:·5f74·7970·6520·6e6f·7420·696e·205b·2264··_type·not·in·["d		0009b220:·5f74·7970·6520·6e6f·7420·696e·205b·2264··_type·not·in·["d
0009b230:·6f63·6b65·7222·2c20·226c·7863·222c·2022··ocker",·"lxc",·"		0009b230:·6f63·6b65·7222·2c20·226c·7863·222c·2022··ocker",·"lxc",·"
0009b240:·6f70·656e·767a·222c·2022·706f·646d·616e··openvz",·"podman		0009b240:·6f70·656e·767a·222c·2022·706f·646d·616e··openvz",·"podman
0009b250:·222c·2022·636f·6e74·6169·6e65·7222·5d0a··",·"container"].		0009b250:·222c·2022·636f·6e74·6169·6e65·7222·5d0a··",·"container"].
0009b260:·2020·7461·6773·3a0a·2020·2d20·434a·4953····tags:.··-·CJIS		0009b260:·2020·7461·6773·3a0a·2020·2d20·434a·4953····tags:.··-·CJIS
0009b270:·2d35·2e35·2e32·2e32·0a20·202d·204e·4953··-5.5.2.2.··-·NIS		0009b270:·2d35·2e35·2e32·2e32·0a20·202d·204e·4953··-5.5.2.2.··-·NIS
Offset 39734, 22 lines modified		Offset 39734, 22 lines modified
0009b350:·6564·0a0a·2d20·6e61·6d65·3a20·456e·7375··ed..-·name:·Ensu		0009b350:·6564·0a0a·2d20·6e61·6d65·3a20·456e·7375··ed..-·name:·Ensu
0009b360:·7265·206f·776e·6572·2030·206f·6e20·2f62··re·owner·0·on·/b		0009b360:·7265·206f·776e·6572·2030·206f·6e20·2f62··re·owner·0·on·/b
0009b370:·6f6f·742f·6772·7562·2f67·7275·622e·6366··oot/grub/grub.cf		0009b370:·6f6f·742f·6772·7562·2f67·7275·622e·6366··oot/grub/grub.cf
0009b380:·670a·2020·6669·6c65·3a0a·2020·2020·7061··g.··file:.····pa		0009b380:·670a·2020·6669·6c65·3a0a·2020·2020·7061··g.··file:.····pa
0009b390:·7468·3a20·2f62·6f6f·742f·6772·7562·2f67··th:·/boot/grub/g		0009b390:·7468·3a20·2f62·6f6f·742f·6772·7562·2f67··th:·/boot/grub/g
0009b3a0:·7275·622e·6366·670a·2020·2020·6f77·6e65··rub.cfg.····owne		0009b3a0:·7275·622e·6366·670a·2020·2020·6f77·6e65··rub.cfg.····owne
0009b3b0:·723a·2027·3027·0a20·2077·6865·6e3a·0a20··r:·'0'.··when:.·		0009b3b0:·723a·2027·3027·0a20·2077·6865·6e3a·0a20··r:·'0'.··when:.·
0009b3c0:·202d·2027·2267·7275·6232·2d63·6f6d·6d6f···-·'"grub2-commo
0009b3d0:·6e22·2069·6e20·616e·7369·626c·655f·6661··n"·in·ansible_fa
0009b3e0:·6374·732e·7061·636b·6167·6573·270a·2020··cts.packages'.··
0009b3f0:·2d20·2722·2f62·6f6f·742f·6566·6922·206e··-·'"/boot/efi"·n
0009b400:·6f74·2069·6e20·616e·7369·626c·655f·6d6f··ot·in·ansible_mo
0009b410:·756e·7473·207c·206d·6170·2861·7474·7269··unts·\|·map(attri
0009b420:·~~6275~~·~~7465~~·3d22·6d6f·~~756e~~·~~7422~~·~~2920~~·7c20··~~bute="m~~o~~unt")·\|~~·		0009b3c0:·202d·2027·222f·626f·6f74·2f65·6669·2220···-·'"/boot/efi"·
		0009b3d0:·6e6f·7420·696e·2061·6e73·6962·6c65·5f6d··not·in·ansible_m
		0009b3e0:·6f75·6e74·7320·7c20·6d61·7028·6174·7472··ounts·\|·map(attr
		0009b3f0:·6962·7574·653d·226d·6f75·6e74·2229·207c··ibute="mount")·\|
		0009b400:·206c·6973·7427·0a20·202d·2027·2267·7275···list'.··-·'"gru
		0009b410:·6232·2d63·6f6d·6d6f·6e22·2069·6e20·616e··b2-common"·in·an
		0009b420:·7369·626c·655f·6661·6374·732e·7061·636b··sible_facts.pack
0009b430:·6c69·7374·270a·2020·2d20·616e·7369·626c··~~list~~'.··-·ansibl		0009b430:·6167·6573·270a·2020·2d20·616e·7369·626c··ages'.··-·ansibl
0009b440:·655f·7669·7274·7561·6c69·7a61·7469·6f6e··e_virtualization		0009b440:·655f·7669·7274·7561·6c69·7a61·7469·6f6e··e_virtualization
0009b450:·5f74·7970·6520·6e6f·7420·696e·205b·2264··_type·not·in·["d		0009b450:·5f74·7970·6520·6e6f·7420·696e·205b·2264··_type·not·in·["d
0009b460:·6f63·6b65·7222·2c20·226c·7863·222c·2022··ocker",·"lxc",·"		0009b460:·6f63·6b65·7222·2c20·226c·7863·222c·2022··ocker",·"lxc",·"
0009b470:·6f70·656e·767a·222c·2022·706f·646d·616e··openvz",·"podman		0009b470:·6f70·656e·767a·222c·2022·706f·646d·616e··openvz",·"podman
0009b480:·222c·2022·636f·6e74·6169·6e65·7222·5d0a··",·"container"].		0009b480:·222c·2022·636f·6e74·6169·6e65·7222·5d0a··",·"container"].
0009b490:·2020·2d20·6669·6c65·5f65·7869·7374·732e····-·file_exists.		0009b490:·2020·2d20·6669·6c65·5f65·7869·7374·732e····-·file_exists.
0009b4a0:·7374·6174·2069·7320·6465·6669·6e65·6420··stat·is·defined·		0009b4a0:·7374·6174·2069·7320·6465·6669·6e65·6420··stat·is·defined·
Offset 40191, 24 lines modified		Offset 40191, 24 lines modified
0009cfe0:·723e·3c74·683e·5374·7261·7465·6779·3a3c··r><th>Strategy:<		0009cfe0:·723e·3c74·683e·5374·7261·7465·6779·3a3c··r><th>Strategy:<
0009cff0:·2f74·683e·3c74·643e·636f·6e66·6967·7572··/th><td>configur		0009cff0:·2f74·683e·3c74·643e·636f·6e66·6967·7572··/th><td>configur
0009d000:·653c·2f74·643e·3c2f·7472·3e3c·2f74·6162··e</td></tr></tab		0009d000:·653c·2f74·643e·3c2f·7472·3e3c·2f74·6162··e</td></tr></tab
0009d010:·6c65·3e3c·7072·653e·3c63·6f64·653e·2320··le><pre><code>#·		0009d010:·6c65·3e3c·7072·653e·3c63·6f64·653e·2320··le><pre><code>#·
0009d020:·5265·6d65·6469·6174·696f·6e20·6973·2061··Remediation·is·a		0009d020:·5265·6d65·6469·6174·696f·6e20·6973·2061··Remediation·is·a
0009d030:·7070·6c69·6361·626c·6520·6f6e·6c79·2069··pplicable·only·i		0009d030:·7070·6c69·6361·626c·6520·6f6e·6c79·2069··pplicable·only·i
0009d040:·6e20·6365·7274·6169·6e20·706c·6174·666f··n·certain·platfo		0009d040:·6e20·6365·7274·6169·6e20·706c·6174·666f··n·certain·platfo
		0009d050:·726d·730a·6966·205b·2021·202d·6620·2f73··rms.if·[·!·-f·/s
0009d050:·726d·730a·6966·2064·706b·672d·7175·6572··rms.if·dpkg-quer
0009d060:·7920·2d2d·7368·6f77·202d·2d73·686f·7766··y·--show·--showf
0009d070:·6f72·6d61·743d·2724·7b64·623a·5374·6174··ormat='${db:Stat
0009d080:·7573·2d53·7461·7475·737d·5c6e·2720·2767··us-Status}\n'·'g
0009d090:·7275·6232·2d63·6f6d·6d6f·6e27·2032·2667··rub2-common'·2&g
0009d0a0:·743b·2f64·6576·2f6e·756c·6c20·7c20·6772··t;/dev/null·\|·gr
0009d0b0:·6570·202d·7120·696e·7374·616c·6c65·6420··ep·-q·installed·
0009d0c0:·2661·6d70·3b26·616d·703b·205b·2021·202d··&&·[·!·-
0009d0~~d0:·6~~620~~·2f7~~3·7973·2f66·6972·6d77·6172·652f··~~f·/s~~ys/firmware/		0009d060:·7973·2f66·6972·6d77·6172·652f·6566·6920··ys/firmware/efi·
		0009d070:·5d20·2661·6d70·3b26·616d·703b·2064·706b··]·&&·dpk
		0009d080:·672d·7175·6572·7920·2d2d·7368·6f77·202d··g-query·--show·-
		0009d090:·2d73·686f·7766·6f72·6d61·743d·2724·7b64··-showformat='${d
		0009d0a0:·623a·5374·6174·7573·2d53·7461·7475·737d··b:Status-Status}
		0009d0b0:·5c6e·2720·2767·7275·6232·2d63·6f6d·6d6f··\n'·'grub2-commo
		0009d0c0:·6e27·2032·2667·743b·2f64·6576·2f6e·756c··n'·2>/dev/nul
		0009d0d0:·6c20·7c20·6772·6570·202d·7120·696e·7374··l·\|·grep·-q·inst
0009d0e0:·6566·6~~920~~·5d20·2661·6d70·3b26·616d·703b··~~efi·]~~·&&		0009d0e0:·616c·6c65·6420·2661·6d70·3b26·616d·703b··alled·&&
0009d0f0:·207b·205b·2021·202d·6620·2f2e·646f·636b···{·[·!·-f·/.dock		0009d0f0:·207b·205b·2021·202d·6620·2f2e·646f·636b···{·[·!·-f·/.dock
0009d100:·6572·656e·7620·5d20·2661·6d70·3b26·616d··erenv·]·&&am		0009d100:·6572·656e·7620·5d20·2661·6d70·3b26·616d··erenv·]·&&am
0009d110:·703b·205b·2021·202d·6620·2f72·756e·2f2e··p;·[·!·-f·/run/.		0009d110:·703b·205b·2021·202d·6620·2f72·756e·2f2e··p;·[·!·-f·/run/.
0009d120:·636f·6e74·6169·6e65·7265·6e76·205d·3b20··containerenv·];·		0009d120:·636f·6e74·6169·6e65·7265·6e76·205d·3b20··containerenv·];·
0009d130:·7d3b·2074·6865·6e0a·0a63·686d·6f64·2075··};·then..chmod·u		0009d130:·7d3b·2074·6865·6e0a·0a63·686d·6f64·2075··};·then..chmod·u
0009d140:·2d78·732c·672d·7877·7273·2c6f·2d78·7772··-xs,g-xwrs,o-xwr		0009d140:·2d78·732c·672d·7877·7273·2c6f·2d78·7772··-xs,g-xwrs,o-xwr
0009d150:·7420·2f62·6f6f·742f·6772·7562·2f67·7275··t·/boot/grub/gru		0009d150:·7420·2f62·6f6f·742f·6772·7562·2f67·7275··t·/boot/grub/gru
Offset 40268, 22 lines modified		Offset 40268, 22 lines modified
0009d4b0:·206e·616d·653a·2054·6573·7420·666f·7220···name:·Test·for·		0009d4b0:·206e·616d·653a·2054·6573·7420·666f·7220···name:·Test·for·
0009d4c0:·6578·6973·7465·6e63·6520·2f62·6f6f·742f··existence·/boot/		0009d4c0:·6578·6973·7465·6e63·6520·2f62·6f6f·742f··existence·/boot/
0009d4d0:·6772·7562·2f67·7275·622e·6366·670a·2020··grub/grub.cfg.··		0009d4d0:·6772·7562·2f67·7275·622e·6366·670a·2020··grub/grub.cfg.··
Max diff block lines reached; 18684/27922 bytes (66.91%) of diff not shown.


Offset 3369, 16 lines modified		Offset 3369, 16 lines modified
3369	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,	3369	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,
3370	············Req-7.1,·1.5.2	3370	············Req-7.1,·1.5.2
3371	Remediation_Shell_script_⇲	3371	Remediation_Shell_script_⇲
3372	Complexity:·low	3372	Complexity:·low
3373	Disruption:·low	3373	Disruption:·low
3374	Strategy:···configure	3374	Strategy:···configure
3375	#·Remediation·is·applicable·only·in·certain·platforms	3375	#·Remediation·is·applicable·only·in·certain·platforms
3376	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/~~null·\|·grep·-q·installed·&&·[·!~~	3376	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/
3377	-f·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	3377	null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

3378	chown·0·/boot/grub/grub.cfg	3378	chown·0·/boot/grub/grub.cfg

3379	else	3379	else
3380	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	3380	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
3381	fi	3381	fi
3382	Remediation_Ansible_snippet_⇲	3382	Remediation_Ansible_snippet_⇲
Offset 3402, 16 lines modified		Offset 3402, 16 lines modified
3402	··-·no_reboot_needed	3402	··-·no_reboot_needed

3403	-·name:·Test·for·existence·/boot/grub/grub.cfg	3403	-·name:·Test·for·existence·/boot/grub/grub.cfg
3404	··stat:	3404	··stat:
3405	····path:·/boot/grub/grub.cfg	3405	····path:·/boot/grub/grub.cfg
3406	··register:·file_exists	3406	··register:·file_exists
3407	··when:	3407	··when:
3408	··-·'"grub2-common"·in·ansible_facts.packages'
3409	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3408	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3409	··-·'"grub2-common"·in·ansible_facts.packages'
3410	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3410	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3411	··tags:	3411	··tags:
3412	··-·CJIS-5.5.2.2	3412	··-·CJIS-5.5.2.2
3413	··-·NIST-800-171-3.4.5	3413	··-·NIST-800-171-3.4.5
3414	··-·NIST-800-53-AC-6(1)	3414	··-·NIST-800-53-AC-6(1)
3415	··-·NIST-800-53-CM-6(a)	3415	··-·NIST-800-53-CM-6(a)
3416	··-·PCI-DSS-Req-7.1	3416	··-·PCI-DSS-Req-7.1
Offset 3423, 16 lines modified		Offset 3423, 16 lines modified
3423	··-·no_reboot_needed	3423	··-·no_reboot_needed

3424	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	3424	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
3425	··file:	3425	··file:
3426	····path:·/boot/grub/grub.cfg	3426	····path:·/boot/grub/grub.cfg
3427	····owner:·'0'	3427	····owner:·'0'
3428	··when:	3428	··when:
3429	··-·'"grub2-common"·in·ansible_facts.packages'
3430	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3429	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3430	··-·'"grub2-common"·in·ansible_facts.packages'
3431	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3431	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3432	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	3432	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
3433	··tags:	3433	··tags:
3434	··-·CJIS-5.5.2.2	3434	··-·CJIS-5.5.2.2
3435	··-·NIST-800-171-3.4.5	3435	··-·NIST-800-171-3.4.5
3436	··-·NIST-800-53-AC-6(1)	3436	··-·NIST-800-53-AC-6(1)
3437	··-·NIST-800-53-CM-6(a)	3437	··-·NIST-800-53-CM-6(a)
Offset 3458, 16 lines modified		Offset 3458, 16 lines modified
3458	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),	3458	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),
3459	············PR.AC-4,·PR.DS-5,·1.5.2	3459	············PR.AC-4,·PR.DS-5,·1.5.2
3460	Remediation_Shell_script_⇲	3460	Remediation_Shell_script_⇲
3461	Complexity:·low	3461	Complexity:·low
3462	Disruption:·low	3462	Disruption:·low
3463	Strategy:···configure	3463	Strategy:···configure
3464	#·Remediation·is·applicable·only·in·certain·platforms	3464	#·Remediation·is·applicable·only·in·certain·platforms
3465	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>~~/dev~~/~~null·\|·grep·-q·installed·&&~~	3465	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/
3466	~~[·!·-f~~·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	3466	dev/null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

3467	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg	3467	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg

3468	else	3468	else
3469	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	3469	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
3470	fi	3470	fi
3471	Remediation_Ansible_snippet_⇲	3471	Remediation_Ansible_snippet_⇲
Offset 3489, 16 lines modified		Offset 3489, 16 lines modified
3489	··-·no_reboot_needed	3489	··-·no_reboot_needed

3490	-·name:·Test·for·existence·/boot/grub/grub.cfg	3490	-·name:·Test·for·existence·/boot/grub/grub.cfg
3491	··stat:	3491	··stat:
3492	····path:·/boot/grub/grub.cfg	3492	····path:·/boot/grub/grub.cfg
3493	··register:·file_exists	3493	··register:·file_exists
3494	··when:	3494	··when:
3495	··-·'"grub2-common"·in·ansible_facts.packages'
3496	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3495	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3496	··-·'"grub2-common"·in·ansible_facts.packages'
3497	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3497	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3498	··tags:	3498	··tags:
3499	··-·NIST-800-171-3.4.5	3499	··-·NIST-800-171-3.4.5
3500	··-·NIST-800-53-AC-6(1)	3500	··-·NIST-800-53-AC-6(1)
3501	··-·NIST-800-53-CM-6(a)	3501	··-·NIST-800-53-CM-6(a)
3502	··-·configure_strategy	3502	··-·configure_strategy
3503	··-·file_permissions_grub2_cfg	3503	··-·file_permissions_grub2_cfg
Offset 3508, 16 lines modified		Offset 3508, 16 lines modified
3508	··-·no_reboot_needed	3508	··-·no_reboot_needed

3509	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	3509	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
3510	··file:	3510	··file:
3511	····path:·/boot/grub/grub.cfg	3511	····path:·/boot/grub/grub.cfg
3512	····mode:·u-xs,g-xwrs,o-xwrt	3512	····mode:·u-xs,g-xwrs,o-xwrt
3513	··when:	3513	··when:
3514	··-·'"grub2-common"·in·ansible_facts.packages'
3515	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	3514	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		3515	··-·'"grub2-common"·in·ansible_facts.packages'
3516	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	3516	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
3517	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	3517	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
3518	··tags:	3518	··tags:
3519	··-·NIST-800-171-3.4.5	3519	··-·NIST-800-171-3.4.5
3520	··-·NIST-800-53-AC-6(1)	3520	··-·NIST-800-53-AC-6(1)
3521	··-·NIST-800-53-CM-6(a)	3521	··-·NIST-800-53-CM-6(a)
3522	··-·configure_strategy	3522	··-·configure_strategy
Offset 10430, 14 lines modified		Offset 10430, 30 lines modified
10430	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,	10430	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,
10431	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,	10431	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,
10432	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,	10432	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,
10433	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR	10433	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR
10434	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,	10434	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,
10435	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,	10435	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,
10436	············2.2.3	10436	············2.2.3
		10437	Remediation_OSBuild_Blueprint_snippet_⇲

		10438	[customizations.services]
		10439	disabled·=·["avahi-daemon"]
		10440	Remediation_Puppet_snippet_⇲
		10441	Complexity:·low
		10442	Disruption:·low
		10443	Strategy:···enable
		10444	include·disable_avahi-daemon

		10445	class·disable_avahi-daemon·{
		10446	··service·{'avahi-daemon':
		10447	····enable·=>·false,
		10448	····ensure·=>·'stopped',
Max diff block lines reached; 877/5956 bytes (14.72%) of diff not shown.


Offset 174995, 24 lines modified		Offset 174995, 24 lines modified
002ab920:·3c74·683e·5374·7261·7465·6779·3a3c·2f74··<th>Strategy:</t		002ab920:·3c74·683e·5374·7261·7465·6779·3a3c·2f74··<th>Strategy:</t
002ab930:·683e·3c74·643e·636f·6e66·6967·7572·653c··h><td>configure<		002ab930:·683e·3c74·643e·636f·6e66·6967·7572·653c··h><td>configure<
002ab940:·2f74·643e·3c2f·7472·3e3c·2f74·6162·6c65··/td></tr></table		002ab940:·2f74·643e·3c2f·7472·3e3c·2f74·6162·6c65··/td></tr></table
002ab950:·3e3c·7072·653e·3c63·6f64·653e·2320·5265··><pre><code>#·Re		002ab950:·3e3c·7072·653e·3c63·6f64·653e·2320·5265··><pre><code>#·Re
002ab960:·6d65·6469·6174·696f·6e20·6973·2061·7070··mediation·is·app		002ab960:·6d65·6469·6174·696f·6e20·6973·2061·7070··mediation·is·app
002ab970:·6c69·6361·626c·6520·6f6e·6c79·2069·6e20··licable·only·in·		002ab970:·6c69·6361·626c·6520·6f6e·6c79·2069·6e20··licable·only·in·
002ab980:·6365·7274·6169·6e20·706c·6174·666f·726d··certain·platform		002ab980:·6365·7274·6169·6e20·706c·6174·666f·726d··certain·platform
		002ab990:·730a·6966·205b·2021·202d·6620·2f73·7973··s.if·[·!·-f·/sys
002ab990:·730a·6966·2064·706b·672d·7175·6572·7920··s.if·dpkg-query·
002ab9a0:·2d2d·7368·6f77·202d·2d73·686f·7766·6f72··--show·--showfor
002ab9b0:·6d61·743d·2724·7b64·623a·5374·6174·7573··mat='${db:Status
002ab9c0:·2d53·7461·7475·737d·5c6e·2720·2767·7275··-Status}\n'·'gru
002ab9d0:·6232·2d63·6f6d·6d6f·6e27·2032·2667·743b··b2-common'·2>
002ab9e0:·2f64·6576·2f6e·756c·6c20·7c20·6772·6570··/dev/null·\|·grep
002ab9f0:·202d·7120·696e·7374·616c·6c65·6420·2661···-q·installed·&a
002aba00:·6d70·3b26·616d·703b·205b·2021·202d·6620··mp;&·[·!·-f·
002aba10:~~·2f73·7973~~·2f66·6972·6d77·6172·652f·6566··~~/sys~~/firmware/ef		002ab9a0:·2f66·6972·6d77·6172·652f·6566·6920·5d20··/firmware/efi·]·
		002ab9b0:·2661·6d70·3b26·616d·703b·2064·706b·672d··&&·dpkg-
		002ab9c0:·7175·6572·7920·2d2d·7368·6f77·202d·2d73··query·--show·--s
		002ab9d0:·686f·7766·6f72·6d61·743d·2724·7b64·623a··howformat='${db:
		002ab9e0:·5374·6174·7573·2d53·7461·7475·737d·5c6e··Status-Status}\n
		002ab9f0:·2720·2767·7275·6232·2d63·6f6d·6d6f·6e27··'·'grub2-common'
		002aba00:·2032·2667·743b·2f64·6576·2f6e·756c·6c20···2>/dev/null·
		002aba10:·7c20·6772·6570·202d·7120·696e·7374·616c··\|·grep·-q·instal
002aba20:·6~~920~~·5d20·2661·6d70·3b26·616d·703b·207b··~~i·]~~·&&·{		002aba20:·6c65·6420·2661·6d70·3b26·616d·703b·207b··led·&&·{
002aba30:·205b·2021·202d·6620·2f2e·646f·636b·6572···[·!·-f·/.docker		002aba30:·205b·2021·202d·6620·2f2e·646f·636b·6572···[·!·-f·/.docker
002aba40:·656e·7620·5d20·2661·6d70·3b26·616d·703b··env·]·&&		002aba40:·656e·7620·5d20·2661·6d70·3b26·616d·703b··env·]·&&
002aba50:·205b·2021·202d·6620·2f72·756e·2f2e·636f···[·!·-f·/run/.co		002aba50:·205b·2021·202d·6620·2f72·756e·2f2e·636f···[·!·-f·/run/.co
002aba60:·6e74·6169·6e65·7265·6e76·205d·3b20·7d3b··ntainerenv·];·};		002aba60:·6e74·6169·6e65·7265·6e76·205d·3b20·7d3b··ntainerenv·];·};
002aba70:·2074·6865·6e0a·0a63·686f·776e·2030·202f···then..chown·0·/		002aba70:·2074·6865·6e0a·0a63·686f·776e·2030·202f···then..chown·0·/
002aba80:·626f·6f74·2f67·7275·622f·6772·7562·2e63··boot/grub/grub.c		002aba80:·626f·6f74·2f67·7275·622f·6772·7562·2e63··boot/grub/grub.c
002aba90:·6667·0a0a·656c·7365·0a20·2020·2026·6774··fg..else.····&gt		002aba90:·6667·0a0a·656c·7365·0a20·2020·2026·6774··fg..else.····&gt
Offset 175073, 22 lines modified		Offset 175073, 22 lines modified
002abe00:·653a·2054·6573·7420·666f·7220·6578·6973··e:·Test·for·exis		002abe00:·653a·2054·6573·7420·666f·7220·6578·6973··e:·Test·for·exis
002abe10:·7465·6e63·6520·2f62·6f6f·742f·6772·7562··tence·/boot/grub		002abe10:·7465·6e63·6520·2f62·6f6f·742f·6772·7562··tence·/boot/grub
002abe20:·2f67·7275·622e·6366·670a·2020·7374·6174··/grub.cfg.··stat		002abe20:·2f67·7275·622e·6366·670a·2020·7374·6174··/grub.cfg.··stat
002abe30:·3a0a·2020·2020·7061·7468·3a20·2f62·6f6f··:.····path:·/boo		002abe30:·3a0a·2020·2020·7061·7468·3a20·2f62·6f6f··:.····path:·/boo
002abe40:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.		002abe40:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.
002abe50:·2020·7265·6769·7374·6572·3a20·6669·6c65····register:·file		002abe50:·2020·7265·6769·7374·6572·3a20·6669·6c65····register:·file
002abe60:·5f65·7869·7374·730a·2020·7768·656e·3a0a··_exists.··when:.		002abe60:·5f65·7869·7374·730a·2020·7768·656e·3a0a··_exists.··when:.
002abe70:·2020·2d20·2722·6772·7562·322d·636f·6d6d····-·'"grub2-comm
002abe80:·6f6e·2220·696e·2061·6e73·6962·6c65·5f66··on"·in·ansible_f
002abe90:·6163·7473·2e70·6163·6b61·6765·7327·0a20··acts.packages'.·
002abea0:·202d·2027·222f·626f·6f74·2f65·6669·2220···-·'"/boot/efi"·
002abeb0:·6e6f·7420·696e·2061·6e73·6962·6c65·5f6d··not·in·ansible_m
002abec0:·6f75·6e74·7320·7c20·6d61·7028·6174·7472··ounts·\|·map(attr
002abed0:·~~6962~~·~~7574~~·~~653d~~·226d·6f75·~~6e74~~·~~2229~~·~~207c~~··~~ibute="m~~o~~unt")·\|~~		002abe70:·2020·2d20·2722·2f62·6f6f·742f·6566·6922····-·'"/boot/efi"
		002abe80:·206e·6f74·2069·6e20·616e·7369·626c·655f···not·in·ansible_
		002abe90:·6d6f·756e·7473·207c·206d·6170·2861·7474··mounts·\|·map(att
		002abea0:·7269·6275·7465·3d22·6d6f·756e·7422·2920··ribute="mount")·
		002abeb0:·7c20·6c69·7374·270a·2020·2d20·2722·6772··\|·list'.··-·'"gr
		002abec0:·7562·322d·636f·6d6d·6f6e·2220·696e·2061··ub2-common"·in·a
		002abed0:·6e73·6962·6c65·5f66·6163·7473·2e70·6163··nsible_facts.pac
002abee0:·206c·6~~973~~·7427·0a20·202d·2061·6e73·6962··~~·list~~'.··-·ansib		002abee0:·6b61·6765·7327·0a20·202d·2061·6e73·6962··kages'.··-·ansib
002abef0:·6c65·5f76·6972·7475·616c·697a·6174·696f··le_virtualizatio		002abef0:·6c65·5f76·6972·7475·616c·697a·6174·696f··le_virtualizatio
002abf00:·6e5f·7479·7065·206e·6f74·2069·6e20·5b22··n_type·not·in·["		002abf00:·6e5f·7479·7065·206e·6f74·2069·6e20·5b22··n_type·not·in·["
002abf10:·646f·636b·6572·222c·2022·6c78·6322·2c20··docker",·"lxc",·		002abf10:·646f·636b·6572·222c·2022·6c78·6322·2c20··docker",·"lxc",·
002abf20:·226f·7065·6e76·7a22·2c20·2270·6f64·6d61··"openvz",·"podma		002abf20:·226f·7065·6e76·7a22·2c20·2270·6f64·6d61··"openvz",·"podma
002abf30:·6e22·2c20·2263·6f6e·7461·696e·6572·225d··n",·"container"]		002abf30:·6e22·2c20·2263·6f6e·7461·696e·6572·225d··n",·"container"]
002abf40:·0a20·2074·6167·733a·0a20·202d·2043·4a49··.··tags:.··-·CJI		002abf40:·0a20·2074·6167·733a·0a20·202d·2043·4a49··.··tags:.··-·CJI
002abf50:·532d·352e·352e·322e·320a·2020·2d20·4e49··S-5.5.2.2.··-·NI		002abf50:·532d·352e·352e·322e·320a·2020·2d20·4e49··S-5.5.2.2.··-·NI
Offset 175108, 22 lines modified		Offset 175108, 22 lines modified
002ac030:·6465·640a·0a2d·206e·616d·653a·2045·6e73··ded..-·name:·Ens		002ac030:·6465·640a·0a2d·206e·616d·653a·2045·6e73··ded..-·name:·Ens
002ac040:·7572·6520·6f77·6e65·7220·3020·6f6e·202f··ure·owner·0·on·/		002ac040:·7572·6520·6f77·6e65·7220·3020·6f6e·202f··ure·owner·0·on·/
002ac050:·626f·6f74·2f67·7275·622f·6772·7562·2e63··boot/grub/grub.c		002ac050:·626f·6f74·2f67·7275·622f·6772·7562·2e63··boot/grub/grub.c
002ac060:·6667·0a20·2066·696c·653a·0a20·2020·2070··fg.··file:.····p		002ac060:·6667·0a20·2066·696c·653a·0a20·2020·2070··fg.··file:.····p
002ac070:·6174·683a·202f·626f·6f74·2f67·7275·622f··ath:·/boot/grub/		002ac070:·6174·683a·202f·626f·6f74·2f67·7275·622f··ath:·/boot/grub/
002ac080:·6772·7562·2e63·6667·0a20·2020·206f·776e··grub.cfg.····own		002ac080:·6772·7562·2e63·6667·0a20·2020·206f·776e··grub.cfg.····own
002ac090:·6572·3a20·2730·270a·2020·7768·656e·3a0a··er:·'0'.··when:.		002ac090:·6572·3a20·2730·270a·2020·7768·656e·3a0a··er:·'0'.··when:.
002ac0a0:·2020·2d20·2722·6772·7562·322d·636f·6d6d····-·'"grub2-comm
002ac0b0:·6f6e·2220·696e·2061·6e73·6962·6c65·5f66··on"·in·ansible_f
002ac0c0:·6163·7473·2e70·6163·6b61·6765·7327·0a20··acts.packages'.·
002ac0d0:·202d·2027·222f·626f·6f74·2f65·6669·2220···-·'"/boot/efi"·
002ac0e0:·6e6f·7420·696e·2061·6e73·6962·6c65·5f6d··not·in·ansible_m
002ac0f0:·6f75·6e74·7320·7c20·6d61·7028·6174·7472··ounts·\|·map(attr
002ac100:·~~6962~~·~~7574~~·~~653d~~·226d·6f75·~~6e74~~·~~2229~~·~~207c~~··~~ibute="m~~o~~unt")·\|~~		002ac0a0:·2020·2d20·2722·2f62·6f6f·742f·6566·6922····-·'"/boot/efi"
		002ac0b0:·206e·6f74·2069·6e20·616e·7369·626c·655f···not·in·ansible_
		002ac0c0:·6d6f·756e·7473·207c·206d·6170·2861·7474··mounts·\|·map(att
		002ac0d0:·7269·6275·7465·3d22·6d6f·756e·7422·2920··ribute="mount")·
		002ac0e0:·7c20·6c69·7374·270a·2020·2d20·2722·6772··\|·list'.··-·'"gr
		002ac0f0:·7562·322d·636f·6d6d·6f6e·2220·696e·2061··ub2-common"·in·a
		002ac100:·6e73·6962·6c65·5f66·6163·7473·2e70·6163··nsible_facts.pac
002ac110:·206c·6~~973~~·7427·0a20·202d·2061·6e73·6962··~~·list~~'.··-·ansib		002ac110:·6b61·6765·7327·0a20·202d·2061·6e73·6962··kages'.··-·ansib
002ac120:·6c65·5f76·6972·7475·616c·697a·6174·696f··le_virtualizatio		002ac120:·6c65·5f76·6972·7475·616c·697a·6174·696f··le_virtualizatio
002ac130:·6e5f·7479·7065·206e·6f74·2069·6e20·5b22··n_type·not·in·["		002ac130:·6e5f·7479·7065·206e·6f74·2069·6e20·5b22··n_type·not·in·["
002ac140:·646f·636b·6572·222c·2022·6c78·6322·2c20··docker",·"lxc",·		002ac140:·646f·636b·6572·222c·2022·6c78·6322·2c20··docker",·"lxc",·
002ac150:·226f·7065·6e76·7a22·2c20·2270·6f64·6d61··"openvz",·"podma		002ac150:·226f·7065·6e76·7a22·2c20·2270·6f64·6d61··"openvz",·"podma
002ac160:·6e22·2c20·2263·6f6e·7461·696e·6572·225d··n",·"container"]		002ac160:·6e22·2c20·2263·6f6e·7461·696e·6572·225d··n",·"container"]
002ac170:·0a20·202d·2066·696c·655f·6578·6973·7473··.··-·file_exists		002ac170:·0a20·202d·2066·696c·655f·6578·6973·7473··.··-·file_exists
002ac180:·2e73·7461·7420·6973·2064·6566·696e·6564··.stat·is·defined		002ac180:·2e73·7461·7420·6973·2064·6566·696e·6564··.stat·is·defined
Offset 175565, 24 lines modified		Offset 175565, 24 lines modified
002adcc0:·7472·3e3c·7468·3e53·7472·6174·6567·793a··tr><th>Strategy:		002adcc0:·7472·3e3c·7468·3e53·7472·6174·6567·793a··tr><th>Strategy:
002adcd0:·3c2f·7468·3e3c·7464·3e63·6f6e·6669·6775··</th><td>configu		002adcd0:·3c2f·7468·3e3c·7464·3e63·6f6e·6669·6775··</th><td>configu
002adce0:·7265·3c2f·7464·3e3c·2f74·723e·3c2f·7461··re</td></tr></ta		002adce0:·7265·3c2f·7464·3e3c·2f74·723e·3c2f·7461··re</td></tr></ta
002adcf0:·626c·653e·3c70·7265·3e3c·636f·6465·3e23··ble><pre><code>#		002adcf0:·626c·653e·3c70·7265·3e3c·636f·6465·3e23··ble><pre><code>#
002add00:·2052·656d·6564·6961·7469·6f6e·2069·7320···Remediation·is·		002add00:·2052·656d·6564·6961·7469·6f6e·2069·7320···Remediation·is·
002add10:·6170·706c·6963·6162·6c65·206f·6e6c·7920··applicable·only·		002add10:·6170·706c·6963·6162·6c65·206f·6e6c·7920··applicable·only·
002add20:·696e·2063·6572·7461·696e·2070·6c61·7466··in·certain·platf		002add20:·696e·2063·6572·7461·696e·2070·6c61·7466··in·certain·platf
		002add30:·6f72·6d73·0a69·6620·5b20·2120·2d66·202f··orms.if·[·!·-f·/
		002add40:·7379·732f·6669·726d·7761·7265·2f65·6669··sys/firmware/efi
002add30:·6f72·6d73·0a69·6620·6470·6b67·2d71·7565··orms.if·dpkg-que
002add40:·7279·202d·2d73·686f·7720·2d2d·7368·6f77··ry·--show·--show
002add50:·666f·726d·6174·3d27·247b·6462·3a53·7461··format='${db:Sta
002add60:·7475·732d·5374·6174·7573·7d5c·6e27·2027··tus-Status}\n'·'
002add70:·6772·7562·322d·636f·6d6d·6f6e·2720·3226··grub2-common'·2&
002add80:·6774·3b2f·6465·762f·6e75·6c6c·207c·2067··gt;/dev/null·\|·g
002add90:·7265·7020·2d71·2069·6e73·7461·6c6c·6564··rep·-q·installed
002adda0:·2026·616d·703b·2661·6d70·3b20·~~5b2~~0·~~212~~0···&&·[·!·		002add50:·205d·2026·616d·703b·2661·6d70·3b20·6470···]·&&·dp
002addb0:·2d66·2~~02f~~·7~~379~~·7~~32f~~·~~6669~~·~~726d~~·7761·7265··-~~f·/s~~y~~s/firm~~ware		002add60:·6b67·2d71·7565·7279·202d·2d73·686f·7720··kg-query·--show·
		002add70:·2d2d·7368·6f77·666f·726d·6174·3d27·247b··--showformat='${
		002add80:·6462·3a53·7461·7475·732d·5374·6174·7573··db:Status-Status
		002add90:·7d5c·6e27·2027·6772·7562·322d·636f·6d6d··}\n'·'grub2-comm
		002adda0:·6f6e·2720·3226·6774·3b2f·6465·762f·6e75··on'·2>/dev/nu
		002addb0:·6c6c·207c·2067·7265·7020·2d71·2069·6e73··ll·\|·grep·-q·ins
002addc0:·2f65·6669·~~205d~~·2026·616d·703b·2661·6d70··~~/efi·]~~·&&amp		002addc0:·7461·6c6c·6564·2026·616d·703b·2661·6d70··talled·&&amp
002addd0:·3b20·7b20·5b20·2120·2d66·202f·2e64·6f63··;·{·[·!·-f·/.doc		002addd0:·3b20·7b20·5b20·2120·2d66·202f·2e64·6f63··;·{·[·!·-f·/.doc
002adde0:·6b65·7265·6e76·205d·2026·616d·703b·2661··kerenv·]·&&a		002adde0:·6b65·7265·6e76·205d·2026·616d·703b·2661··kerenv·]·&&a
002addf0:·6d70·3b20·5b20·2120·2d66·202f·7275·6e2f··mp;·[·!·-f·/run/		002addf0:·6d70·3b20·5b20·2120·2d66·202f·7275·6e2f··mp;·[·!·-f·/run/
002ade00:·2e63·6f6e·7461·696e·6572·656e·7620·5d3b··.containerenv·];		002ade00:·2e63·6f6e·7461·696e·6572·656e·7620·5d3b··.containerenv·];
002ade10:·207d·3b20·7468·656e·0a0a·6368·6d6f·6420···};·then..chmod·		002ade10:·207d·3b20·7468·656e·0a0a·6368·6d6f·6420···};·then..chmod·
002ade20:·752d·7873·2c67·2d78·7772·732c·6f2d·7877··u-xs,g-xwrs,o-xw		002ade20:·752d·7873·2c67·2d78·7772·732c·6f2d·7877··u-xs,g-xwrs,o-xw
002ade30:·7274·202f·626f·6f74·2f67·7275·622f·6772··rt·/boot/grub/gr		002ade30:·7274·202f·626f·6f74·2f67·7275·622f·6772··rt·/boot/grub/gr
Offset 175642, 22 lines modified		Offset 175642, 22 lines modified
002ae190:·2d20·6e61·6d65·3a20·5465·7374·2066·6f72··-·name:·Test·for		002ae190:·2d20·6e61·6d65·3a20·5465·7374·2066·6f72··-·name:·Test·for
002ae1a0:·2065·7869·7374·656e·6365·202f·626f·6f74···existence·/boot		002ae1a0:·2065·7869·7374·656e·6365·202f·626f·6f74···existence·/boot
002ae1b0:·2f67·7275·622f·6772·7562·2e63·6667·0a20··/grub/grub.cfg.·		002ae1b0:·2f67·7275·622f·6772·7562·2e63·6667·0a20··/grub/grub.cfg.·
002ae1c0:·2073·7461·743a·0a20·2020·2070·6174·683a···stat:.····path:		002ae1c0:·2073·7461·743a·0a20·2020·2070·6174·683a···stat:.····path:
Max diff block lines reached; 33139/42456 bytes (78.05%) of diff not shown.


Offset 39152, 16 lines modified		Offset 39152, 16 lines modified
39152	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,	39152	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,
39153	············Req-7.1,·1.5.2	39153	············Req-7.1,·1.5.2
39154	Remediation_Shell_script_⇲	39154	Remediation_Shell_script_⇲
39155	Complexity:·low	39155	Complexity:·low
39156	Disruption:·low	39156	Disruption:·low
39157	Strategy:···configure	39157	Strategy:···configure
39158	#·Remediation·is·applicable·only·in·certain·platforms	39158	#·Remediation·is·applicable·only·in·certain·platforms
39159	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/~~null·\|·grep·-q·installed·&&·[·!~~	39159	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/
39160	-f·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	39160	null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

39161	chown·0·/boot/grub/grub.cfg	39161	chown·0·/boot/grub/grub.cfg

39162	else	39162	else
39163	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	39163	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
39164	fi	39164	fi
39165	Remediation_Ansible_snippet_⇲	39165	Remediation_Ansible_snippet_⇲
Offset 39185, 16 lines modified		Offset 39185, 16 lines modified
39185	··-·no_reboot_needed	39185	··-·no_reboot_needed

39186	-·name:·Test·for·existence·/boot/grub/grub.cfg	39186	-·name:·Test·for·existence·/boot/grub/grub.cfg
39187	··stat:	39187	··stat:
39188	····path:·/boot/grub/grub.cfg	39188	····path:·/boot/grub/grub.cfg
39189	··register:·file_exists	39189	··register:·file_exists
39190	··when:	39190	··when:
39191	··-·'"grub2-common"·in·ansible_facts.packages'
39192	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	39191	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		39192	··-·'"grub2-common"·in·ansible_facts.packages'
39193	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	39193	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
39194	··tags:	39194	··tags:
39195	··-·CJIS-5.5.2.2	39195	··-·CJIS-5.5.2.2
39196	··-·NIST-800-171-3.4.5	39196	··-·NIST-800-171-3.4.5
39197	··-·NIST-800-53-AC-6(1)	39197	··-·NIST-800-53-AC-6(1)
39198	··-·NIST-800-53-CM-6(a)	39198	··-·NIST-800-53-CM-6(a)
39199	··-·PCI-DSS-Req-7.1	39199	··-·PCI-DSS-Req-7.1
Offset 39206, 16 lines modified		Offset 39206, 16 lines modified
39206	··-·no_reboot_needed	39206	··-·no_reboot_needed

39207	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	39207	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
39208	··file:	39208	··file:
39209	····path:·/boot/grub/grub.cfg	39209	····path:·/boot/grub/grub.cfg
39210	····owner:·'0'	39210	····owner:·'0'
39211	··when:	39211	··when:
39212	··-·'"grub2-common"·in·ansible_facts.packages'
39213	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	39212	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		39213	··-·'"grub2-common"·in·ansible_facts.packages'
39214	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	39214	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
39215	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	39215	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
39216	··tags:	39216	··tags:
39217	··-·CJIS-5.5.2.2	39217	··-·CJIS-5.5.2.2
39218	··-·NIST-800-171-3.4.5	39218	··-·NIST-800-171-3.4.5
39219	··-·NIST-800-53-AC-6(1)	39219	··-·NIST-800-53-AC-6(1)
39220	··-·NIST-800-53-CM-6(a)	39220	··-·NIST-800-53-CM-6(a)
Offset 39241, 16 lines modified		Offset 39241, 16 lines modified
39241	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),	39241	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),
39242	············PR.AC-4,·PR.DS-5,·1.5.2	39242	············PR.AC-4,·PR.DS-5,·1.5.2
39243	Remediation_Shell_script_⇲	39243	Remediation_Shell_script_⇲
39244	Complexity:·low	39244	Complexity:·low
39245	Disruption:·low	39245	Disruption:·low
39246	Strategy:···configure	39246	Strategy:···configure
39247	#·Remediation·is·applicable·only·in·certain·platforms	39247	#·Remediation·is·applicable·only·in·certain·platforms
39248	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>~~/dev~~/~~null·\|·grep·-q·installed·&&~~	39248	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/
39249	~~[·!·-f~~·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	39249	dev/null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

39250	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg	39250	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg

39251	else	39251	else
39252	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	39252	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
39253	fi	39253	fi
39254	Remediation_Ansible_snippet_⇲	39254	Remediation_Ansible_snippet_⇲
Offset 39272, 16 lines modified		Offset 39272, 16 lines modified
39272	··-·no_reboot_needed	39272	··-·no_reboot_needed

39273	-·name:·Test·for·existence·/boot/grub/grub.cfg	39273	-·name:·Test·for·existence·/boot/grub/grub.cfg
39274	··stat:	39274	··stat:
39275	····path:·/boot/grub/grub.cfg	39275	····path:·/boot/grub/grub.cfg
39276	··register:·file_exists	39276	··register:·file_exists
39277	··when:	39277	··when:
39278	··-·'"grub2-common"·in·ansible_facts.packages'
39279	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	39278	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		39279	··-·'"grub2-common"·in·ansible_facts.packages'
39280	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	39280	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
39281	··tags:	39281	··tags:
39282	··-·NIST-800-171-3.4.5	39282	··-·NIST-800-171-3.4.5
39283	··-·NIST-800-53-AC-6(1)	39283	··-·NIST-800-53-AC-6(1)
39284	··-·NIST-800-53-CM-6(a)	39284	··-·NIST-800-53-CM-6(a)
39285	··-·configure_strategy	39285	··-·configure_strategy
39286	··-·file_permissions_grub2_cfg	39286	··-·file_permissions_grub2_cfg
Offset 39291, 16 lines modified		Offset 39291, 16 lines modified
39291	··-·no_reboot_needed	39291	··-·no_reboot_needed

39292	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	39292	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
39293	··file:	39293	··file:
39294	····path:·/boot/grub/grub.cfg	39294	····path:·/boot/grub/grub.cfg
39295	····mode:·u-xs,g-xwrs,o-xwrt	39295	····mode:·u-xs,g-xwrs,o-xwrt
39296	··when:	39296	··when:
39297	··-·'"grub2-common"·in·ansible_facts.packages'
39298	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	39297	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		39298	··-·'"grub2-common"·in·ansible_facts.packages'
39299	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	39299	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
39300	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	39300	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
39301	··tags:	39301	··tags:
39302	··-·NIST-800-171-3.4.5	39302	··-·NIST-800-171-3.4.5
39303	··-·NIST-800-53-AC-6(1)	39303	··-·NIST-800-53-AC-6(1)
39304	··-·NIST-800-53-CM-6(a)	39304	··-·NIST-800-53-CM-6(a)
39305	··-·configure_strategy	39305	··-·configure_strategy
Offset 46780, 14 lines modified		Offset 46780, 30 lines modified
46780	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,	46780	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,
46781	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,	46781	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,
46782	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,	46782	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,
46783	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR	46783	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR
46784	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,	46784	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,
46785	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,	46785	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,
46786	············2.2.3	46786	············2.2.3
		46787	Remediation_OSBuild_Blueprint_snippet_⇲

		46788	[customizations.services]
		46789	disabled·=·["avahi-daemon"]
		46790	Remediation_Puppet_snippet_⇲
		46791	Complexity:·low
		46792	Disruption:·low
		46793	Strategy:···enable
		46794	include·disable_avahi-daemon

		46795	class·disable_avahi-daemon·{
		46796	··service·{'avahi-daemon':
		46797	····enable·=>·false,
		46798	····ensure·=>·'stopped',
Max diff block lines reached; 2796/7887 bytes (35.45%) of diff not shown.


Offset 176549, 24 lines modified		Offset 176549, 24 lines modified
002b1a40:·3e3c·7468·3e53·7472·6174·6567·793a·3c2f··><th>Strategy:</		002b1a40:·3e3c·7468·3e53·7472·6174·6567·793a·3c2f··><th>Strategy:</
002b1a50:·7468·3e3c·7464·3e63·6f6e·6669·6775·7265··th><td>configure		002b1a50:·7468·3e3c·7464·3e63·6f6e·6669·6775·7265··th><td>configure
002b1a60:·3c2f·7464·3e3c·2f74·723e·3c2f·7461·626c··</td></tr></tabl		002b1a60:·3c2f·7464·3e3c·2f74·723e·3c2f·7461·626c··</td></tr></tabl
002b1a70:·653e·3c70·7265·3e3c·636f·6465·3e23·2052··e><pre><code>#·R		002b1a70:·653e·3c70·7265·3e3c·636f·6465·3e23·2052··e><pre><code>#·R
002b1a80:·656d·6564·6961·7469·6f6e·2069·7320·6170··emediation·is·ap		002b1a80:·656d·6564·6961·7469·6f6e·2069·7320·6170··emediation·is·ap
002b1a90:·706c·6963·6162·6c65·206f·6e6c·7920·696e··plicable·only·in		002b1a90:·706c·6963·6162·6c65·206f·6e6c·7920·696e··plicable·only·in
002b1aa0:·2063·6572·7461·696e·2070·6c61·7466·6f72···certain·platfor		002b1aa0:·2063·6572·7461·696e·2070·6c61·7466·6f72···certain·platfor
		002b1ab0:·6d73·0a69·6620·5b20·2120·2d66·202f·7379··ms.if·[·!·-f·/sy
002b1ab0:·6d73·0a69·6620·6470·6b67·2d71·7565·7279··ms.if·dpkg-query
002b1ac0:·202d·2d73·686f·7720·2d2d·7368·6f77·666f···--show·--showfo
002b1ad0:·726d·6174·3d27·247b·6462·3a53·7461·7475··rmat='${db:Statu
002b1ae0:·732d·5374·6174·7573·7d5c·6e27·2027·6772··s-Status}\n'·'gr
002b1af0:·7562·322d·636f·6d6d·6f6e·2720·3226·6774··ub2-common'·2&gt
002b1b00:·3b2f·6465·762f·6e75·6c6c·207c·2067·7265··;/dev/null·\|·gre
002b1b10:·7020·2d71·2069·6e73·7461·6c6c·6564·2026··p·-q·installed·&
002b1b20:·616d·703b·2661·6d70·3b20·5b20·2120·2d66··amp;&·[·!·-f
002b1b30:~~·202f·7379~~·732f·6669·726d·7761·7265·2f65··~~·/sy~~s/firmware/e		002b1ac0:·732f·6669·726d·7761·7265·2f65·6669·205d··s/firmware/efi·]
		002b1ad0:·2026·616d·703b·2661·6d70·3b20·6470·6b67···&&·dpkg
		002b1ae0:·2d71·7565·7279·202d·2d73·686f·7720·2d2d··-query·--show·--
		002b1af0:·7368·6f77·666f·726d·6174·3d27·247b·6462··showformat='${db
		002b1b00:·3a53·7461·7475·732d·5374·6174·7573·7d5c··:Status-Status}\
		002b1b10:·6e27·2027·6772·7562·322d·636f·6d6d·6f6e··n'·'grub2-common
		002b1b20:·2720·3226·6774·3b2f·6465·762f·6e75·6c6c··'·2>/dev/null
		002b1b30:·207c·2067·7265·7020·2d71·2069·6e73·7461···\|·grep·-q·insta
002b1b40:·6669·~~205d~~·2026·616d·703b·2661·6d70·3b20··~~fi·]~~·&&·		002b1b40:·6c6c·6564·2026·616d·703b·2661·6d70·3b20··lled·&&·
002b1b50:·7b20·5b20·2120·2d66·202f·2e64·6f63·6b65··{·[·!·-f·/.docke		002b1b50:·7b20·5b20·2120·2d66·202f·2e64·6f63·6b65··{·[·!·-f·/.docke
002b1b60:·7265·6e76·205d·2026·616d·703b·2661·6d70··renv·]·&&amp		002b1b60:·7265·6e76·205d·2026·616d·703b·2661·6d70··renv·]·&&amp
002b1b70:·3b20·5b20·2120·2d66·202f·7275·6e2f·2e63··;·[·!·-f·/run/.c		002b1b70:·3b20·5b20·2120·2d66·202f·7275·6e2f·2e63··;·[·!·-f·/run/.c
002b1b80:·6f6e·7461·696e·6572·656e·7620·5d3b·207d··ontainerenv·];·}		002b1b80:·6f6e·7461·696e·6572·656e·7620·5d3b·207d··ontainerenv·];·}
002b1b90:·3b20·7468·656e·0a0a·6368·6f77·6e20·3020··;·then..chown·0·		002b1b90:·3b20·7468·656e·0a0a·6368·6f77·6e20·3020··;·then..chown·0·
002b1ba0:·2f62·6f6f·742f·6772·7562·2f67·7275·622e··/boot/grub/grub.		002b1ba0:·2f62·6f6f·742f·6772·7562·2f67·7275·622e··/boot/grub/grub.
002b1bb0:·6366·670a·0a65·6c73·650a·2020·2020·2667··cfg..else.····&g		002b1bb0:·6366·670a·0a65·6c73·650a·2020·2020·2667··cfg..else.····&g
Offset 176627, 22 lines modified		Offset 176627, 22 lines modified
002b1f20:·6d65·3a20·5465·7374·2066·6f72·2065·7869··me:·Test·for·exi		002b1f20:·6d65·3a20·5465·7374·2066·6f72·2065·7869··me:·Test·for·exi
002b1f30:·7374·656e·6365·202f·626f·6f74·2f67·7275··stence·/boot/gru		002b1f30:·7374·656e·6365·202f·626f·6f74·2f67·7275··stence·/boot/gru
002b1f40:·622f·6772·7562·2e63·6667·0a20·2073·7461··b/grub.cfg.··sta		002b1f40:·622f·6772·7562·2e63·6667·0a20·2073·7461··b/grub.cfg.··sta
002b1f50:·743a·0a20·2020·2070·6174·683a·202f·626f··t:.····path:·/bo		002b1f50:·743a·0a20·2020·2070·6174·683a·202f·626f··t:.····path:·/bo
002b1f60:·6f74·2f67·7275·622f·6772·7562·2e63·6667··ot/grub/grub.cfg		002b1f60:·6f74·2f67·7275·622f·6772·7562·2e63·6667··ot/grub/grub.cfg
002b1f70:·0a20·2072·6567·6973·7465·723a·2066·696c··.··register:·fil		002b1f70:·0a20·2072·6567·6973·7465·723a·2066·696c··.··register:·fil
002b1f80:·655f·6578·6973·7473·0a20·2077·6865·6e3a··e_exists.··when:		002b1f80:·655f·6578·6973·7473·0a20·2077·6865·6e3a··e_exists.··when:
002b1f90:·0a20·202d·2027·2267·7275·6232·2d63·6f6d··.··-·'"grub2-com
002b1fa0:·6d6f·6e22·2069·6e20·616e·7369·626c·655f··mon"·in·ansible_
002b1fb0:·6661·6374·732e·7061·636b·6167·6573·270a··facts.packages'.
002b1fc0:·2020·2d20·2722·2f62·6f6f·742f·6566·6922····-·'"/boot/efi"
002b1fd0:·206e·6f74·2069·6e20·616e·7369·626c·655f···not·in·ansible_
002b1fe0:·6d6f·756e·7473·207c·206d·6170·2861·7474··mounts·\|·map(att
002b1ff0:·~~7269~~·~~6275~~·~~7465~~·3d22·6d6f·~~756e~~·~~7422~~·~~2920~~··~~ribute="m~~o~~unt")·~~		002b1f90:·0a20·202d·2027·222f·626f·6f74·2f65·6669··.··-·'"/boot/efi
		002b1fa0:·2220·6e6f·7420·696e·2061·6e73·6962·6c65··"·not·in·ansible
		002b1fb0:·5f6d·6f75·6e74·7320·7c20·6d61·7028·6174··_mounts·\|·map(at
		002b1fc0:·7472·6962·7574·653d·226d·6f75·6e74·2229··tribute="mount")
		002b1fd0:·207c·206c·6973·7427·0a20·202d·2027·2267···\|·list'.··-·'"g
		002b1fe0:·7275·6232·2d63·6f6d·6d6f·6e22·2069·6e20··rub2-common"·in·
		002b1ff0:·616e·7369·626c·655f·6661·6374·732e·7061··ansible_facts.pa
002b2000:·~~7c20~~·6c69·7374·270a·2020·2d20·616e·7369··~~\|·list~~'.··-·ansi		002b2000:·636b·6167·6573·270a·2020·2d20·616e·7369··ckages'.··-·ansi
002b2010:·626c·655f·7669·7274·7561·6c69·7a61·7469··ble_virtualizati		002b2010:·626c·655f·7669·7274·7561·6c69·7a61·7469··ble_virtualizati
002b2020:·6f6e·5f74·7970·6520·6e6f·7420·696e·205b··on_type·not·in·[		002b2020:·6f6e·5f74·7970·6520·6e6f·7420·696e·205b··on_type·not·in·[
002b2030:·2264·6f63·6b65·7222·2c20·226c·7863·222c··"docker",·"lxc",		002b2030:·2264·6f63·6b65·7222·2c20·226c·7863·222c··"docker",·"lxc",
002b2040:·2022·6f70·656e·767a·222c·2022·706f·646d···"openvz",·"podm		002b2040:·2022·6f70·656e·767a·222c·2022·706f·646d···"openvz",·"podm
002b2050:·616e·222c·2022·636f·6e74·6169·6e65·7222··an",·"container"		002b2050:·616e·222c·2022·636f·6e74·6169·6e65·7222··an",·"container"
002b2060:·5d0a·2020·7461·6773·3a0a·2020·2d20·434a··].··tags:.··-·CJ		002b2060:·5d0a·2020·7461·6773·3a0a·2020·2d20·434a··].··tags:.··-·CJ
002b2070:·4953·2d35·2e35·2e32·2e32·0a20·202d·204e··IS-5.5.2.2.··-·N		002b2070:·4953·2d35·2e35·2e32·2e32·0a20·202d·204e··IS-5.5.2.2.··-·N
Offset 176662, 22 lines modified		Offset 176662, 22 lines modified
002b2150:·6564·6564·0a0a·2d20·6e61·6d65·3a20·456e··eded..-·name:·En		002b2150:·6564·6564·0a0a·2d20·6e61·6d65·3a20·456e··eded..-·name:·En
002b2160:·7375·7265·206f·776e·6572·2030·206f·6e20··sure·owner·0·on·		002b2160:·7375·7265·206f·776e·6572·2030·206f·6e20··sure·owner·0·on·
002b2170:·2f62·6f6f·742f·6772·7562·2f67·7275·622e··/boot/grub/grub.		002b2170:·2f62·6f6f·742f·6772·7562·2f67·7275·622e··/boot/grub/grub.
002b2180:·6366·670a·2020·6669·6c65·3a0a·2020·2020··cfg.··file:.····		002b2180:·6366·670a·2020·6669·6c65·3a0a·2020·2020··cfg.··file:.····
002b2190:·7061·7468·3a20·2f62·6f6f·742f·6772·7562··path:·/boot/grub		002b2190:·7061·7468·3a20·2f62·6f6f·742f·6772·7562··path:·/boot/grub
002b21a0:·2f67·7275·622e·6366·670a·2020·2020·6f77··/grub.cfg.····ow		002b21a0:·2f67·7275·622e·6366·670a·2020·2020·6f77··/grub.cfg.····ow
002b21b0:·6e65·723a·2027·3027·0a20·2077·6865·6e3a··ner:·'0'.··when:		002b21b0:·6e65·723a·2027·3027·0a20·2077·6865·6e3a··ner:·'0'.··when:
002b21c0:·0a20·202d·2027·2267·7275·6232·2d63·6f6d··.··-·'"grub2-com
002b21d0:·6d6f·6e22·2069·6e20·616e·7369·626c·655f··mon"·in·ansible_
002b21e0:·6661·6374·732e·7061·636b·6167·6573·270a··facts.packages'.
002b21f0:·2020·2d20·2722·2f62·6f6f·742f·6566·6922····-·'"/boot/efi"
002b2200:·206e·6f74·2069·6e20·616e·7369·626c·655f···not·in·ansible_
002b2210:·6d6f·756e·7473·207c·206d·6170·2861·7474··mounts·\|·map(att
002b2220:·~~7269~~·~~6275~~·~~7465~~·3d22·6d6f·~~756e~~·~~7422~~·~~2920~~··~~ribute="m~~o~~unt")·~~		002b21c0:·0a20·202d·2027·222f·626f·6f74·2f65·6669··.··-·'"/boot/efi
		002b21d0:·2220·6e6f·7420·696e·2061·6e73·6962·6c65··"·not·in·ansible
		002b21e0:·5f6d·6f75·6e74·7320·7c20·6d61·7028·6174··_mounts·\|·map(at
		002b21f0:·7472·6962·7574·653d·226d·6f75·6e74·2229··tribute="mount")
		002b2200:·207c·206c·6973·7427·0a20·202d·2027·2267···\|·list'.··-·'"g
		002b2210:·7275·6232·2d63·6f6d·6d6f·6e22·2069·6e20··rub2-common"·in·
		002b2220:·616e·7369·626c·655f·6661·6374·732e·7061··ansible_facts.pa
002b2230:·~~7c20~~·6c69·7374·270a·2020·2d20·616e·7369··~~\|·list~~'.··-·ansi		002b2230:·636b·6167·6573·270a·2020·2d20·616e·7369··ckages'.··-·ansi
002b2240:·626c·655f·7669·7274·7561·6c69·7a61·7469··ble_virtualizati		002b2240:·626c·655f·7669·7274·7561·6c69·7a61·7469··ble_virtualizati
002b2250:·6f6e·5f74·7970·6520·6e6f·7420·696e·205b··on_type·not·in·[		002b2250:·6f6e·5f74·7970·6520·6e6f·7420·696e·205b··on_type·not·in·[
002b2260:·2264·6f63·6b65·7222·2c20·226c·7863·222c··"docker",·"lxc",		002b2260:·2264·6f63·6b65·7222·2c20·226c·7863·222c··"docker",·"lxc",
002b2270:·2022·6f70·656e·767a·222c·2022·706f·646d···"openvz",·"podm		002b2270:·2022·6f70·656e·767a·222c·2022·706f·646d···"openvz",·"podm
002b2280:·616e·222c·2022·636f·6e74·6169·6e65·7222··an",·"container"		002b2280:·616e·222c·2022·636f·6e74·6169·6e65·7222··an",·"container"
002b2290:·5d0a·2020·2d20·6669·6c65·5f65·7869·7374··].··-·file_exist		002b2290:·5d0a·2020·2d20·6669·6c65·5f65·7869·7374··].··-·file_exist
002b22a0:·732e·7374·6174·2069·7320·6465·6669·6e65··s.stat·is·define		002b22a0:·732e·7374·6174·2069·7320·6465·6669·6e65··s.stat·is·define
Offset 177119, 24 lines modified		Offset 177119, 24 lines modified
002b3de0:·3c74·723e·3c74·683e·5374·7261·7465·6779··<tr><th>Strategy		002b3de0:·3c74·723e·3c74·683e·5374·7261·7465·6779··<tr><th>Strategy
002b3df0:·3a3c·2f74·683e·3c74·643e·636f·6e66·6967··:</th><td>config		002b3df0:·3a3c·2f74·683e·3c74·643e·636f·6e66·6967··:</th><td>config
002b3e00:·7572·653c·2f74·643e·3c2f·7472·3e3c·2f74··ure</td></tr></t		002b3e00:·7572·653c·2f74·643e·3c2f·7472·3e3c·2f74··ure</td></tr></t
002b3e10:·6162·6c65·3e3c·7072·653e·3c63·6f64·653e··able><pre><code>		002b3e10:·6162·6c65·3e3c·7072·653e·3c63·6f64·653e··able><pre><code>
002b3e20:·2320·5265·6d65·6469·6174·696f·6e20·6973··#·Remediation·is		002b3e20:·2320·5265·6d65·6469·6174·696f·6e20·6973··#·Remediation·is
002b3e30:·2061·7070·6c69·6361·626c·6520·6f6e·6c79···applicable·only		002b3e30:·2061·7070·6c69·6361·626c·6520·6f6e·6c79···applicable·only
002b3e40:·2069·6e20·6365·7274·6169·6e20·706c·6174···in·certain·plat		002b3e40:·2069·6e20·6365·7274·6169·6e20·706c·6174···in·certain·plat
		002b3e50:·666f·726d·730a·6966·205b·2021·202d·6620··forms.if·[·!·-f·
002b3e50:·666f·726d·730a·6966·2064·706b·672d·7175··forms.if·dpkg-qu
002b3e60:·6572·7920·2d2d·7368·6f77·202d·2d73·686f··ery·--show·--sho
002b3e70:·7766·6f72·6d61·743d·2724·7b64·623a·5374··wformat='${db:St
002b3e80:·6174·7573·2d53·7461·7475·737d·5c6e·2720··atus-Status}\n'·
002b3e90:·2767·7275·6232·2d63·6f6d·6d6f·6e27·2032··'grub2-common'·2
002b3ea0:·2667·743b·2f64·6576·2f6e·756c·6c20·7c20··>/dev/null·\|·
002b3eb0:·6772·6570·202d·7120·696e·7374·616c·6c65··grep·-q·installe
002b3ec0:·6420·2661·6d70·3b26·616d·703b·205b·2021··d·&&·[·!
002b3ed0:~~·202d·6620~~·2f73·7973·2f66·6972·6d77·6172··~~·-f~~·/sys/firmwar		002b3e60:·2f73·7973·2f66·6972·6d77·6172·652f·6566··/sys/firmware/ef
002b3ee0:~~·652f·6566~~·6920·5d20·2661·6d70·3b26·616d··~~e/ef~~i·]·&&am		002b3e70:·6920·5d20·2661·6d70·3b26·616d·703b·2064··i·]·&&·d
		002b3e80:·706b·672d·7175·6572·7920·2d2d·7368·6f77··pkg-query·--show
		002b3e90:·202d·2d73·686f·7766·6f72·6d61·743d·2724···--showformat='$
		002b3ea0:·7b64·623a·5374·6174·7573·2d53·7461·7475··{db:Status-Statu
		002b3eb0:·737d·5c6e·2720·2767·7275·6232·2d63·6f6d··s}\n'·'grub2-com
		002b3ec0:·6d6f·6e27·2032·2667·743b·2f64·6576·2f6e··mon'·2>/dev/n
		002b3ed0:·756c·6c20·7c20·6772·6570·202d·7120·696e··ull·\|·grep·-q·in
		002b3ee0:·7374·616c·6c65·6420·2661·6d70·3b26·616d··stalled·&&am
002b3ef0:·703b·207b·205b·2021·202d·6620·2f2e·646f··p;·{·[·!·-f·/.do		002b3ef0:·703b·207b·205b·2021·202d·6620·2f2e·646f··p;·{·[·!·-f·/.do
002b3f00:·636b·6572·656e·7620·5d20·2661·6d70·3b26··ckerenv·]·&&		002b3f00:·636b·6572·656e·7620·5d20·2661·6d70·3b26··ckerenv·]·&&
002b3f10:·616d·703b·205b·2021·202d·6620·2f72·756e··amp;·[·!·-f·/run		002b3f10:·616d·703b·205b·2021·202d·6620·2f72·756e··amp;·[·!·-f·/run
002b3f20:·2f2e·636f·6e74·6169·6e65·7265·6e76·205d··/.containerenv·]		002b3f20:·2f2e·636f·6e74·6169·6e65·7265·6e76·205d··/.containerenv·]
002b3f30:·3b20·7d3b·2074·6865·6e0a·0a63·686d·6f64··;·};·then..chmod		002b3f30:·3b20·7d3b·2074·6865·6e0a·0a63·686d·6f64··;·};·then..chmod
002b3f40:·2075·2d78·732c·672d·7877·7273·2c6f·2d78···u-xs,g-xwrs,o-x		002b3f40:·2075·2d78·732c·672d·7877·7273·2c6f·2d78···u-xs,g-xwrs,o-x
002b3f50:·7772·7420·2f62·6f6f·742f·6772·7562·2f67··wrt·/boot/grub/g		002b3f50:·7772·7420·2f62·6f6f·742f·6772·7562·2f67··wrt·/boot/grub/g
Offset 177196, 22 lines modified		Offset 177196, 22 lines modified
002b42b0:·0a2d·206e·616d·653a·2054·6573·7420·666f··.-·name:·Test·fo		002b42b0:·0a2d·206e·616d·653a·2054·6573·7420·666f··.-·name:·Test·fo
002b42c0:·7220·6578·6973·7465·6e63·6520·2f62·6f6f··r·existence·/boo		002b42c0:·7220·6578·6973·7465·6e63·6520·2f62·6f6f··r·existence·/boo
002b42d0:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.		002b42d0:·742f·6772·7562·2f67·7275·622e·6366·670a··t/grub/grub.cfg.
Max diff block lines reached; 33208/42456 bytes (78.22%) of diff not shown.


Offset 39389, 16 lines modified		Offset 39389, 16 lines modified
39389	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,	39389	············A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),·PR.AC-4,·PR.DS-5,
39390	············Req-7.1,·1.5.2	39390	············Req-7.1,·1.5.2
39391	Remediation_Shell_script_⇲	39391	Remediation_Shell_script_⇲
39392	Complexity:·low	39392	Complexity:·low
39393	Disruption:·low	39393	Disruption:·low
39394	Strategy:···configure	39394	Strategy:···configure
39395	#·Remediation·is·applicable·only·in·certain·platforms	39395	#·Remediation·is·applicable·only·in·certain·platforms
39396	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/~~null·\|·grep·-q·installed·&&·[·!~~	39396	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/dev/
39397	-f·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	39397	null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

39398	chown·0·/boot/grub/grub.cfg	39398	chown·0·/boot/grub/grub.cfg

39399	else	39399	else
39400	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	39400	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
39401	fi	39401	fi
39402	Remediation_Ansible_snippet_⇲	39402	Remediation_Ansible_snippet_⇲
Offset 39422, 16 lines modified		Offset 39422, 16 lines modified
39422	··-·no_reboot_needed	39422	··-·no_reboot_needed

39423	-·name:·Test·for·existence·/boot/grub/grub.cfg	39423	-·name:·Test·for·existence·/boot/grub/grub.cfg
39424	··stat:	39424	··stat:
39425	····path:·/boot/grub/grub.cfg	39425	····path:·/boot/grub/grub.cfg
39426	··register:·file_exists	39426	··register:·file_exists
39427	··when:	39427	··when:
39428	··-·'"grub2-common"·in·ansible_facts.packages'
39429	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	39428	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		39429	··-·'"grub2-common"·in·ansible_facts.packages'
39430	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	39430	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
39431	··tags:	39431	··tags:
39432	··-·CJIS-5.5.2.2	39432	··-·CJIS-5.5.2.2
39433	··-·NIST-800-171-3.4.5	39433	··-·NIST-800-171-3.4.5
39434	··-·NIST-800-53-AC-6(1)	39434	··-·NIST-800-53-AC-6(1)
39435	··-·NIST-800-53-CM-6(a)	39435	··-·NIST-800-53-CM-6(a)
39436	··-·PCI-DSS-Req-7.1	39436	··-·PCI-DSS-Req-7.1
Offset 39443, 16 lines modified		Offset 39443, 16 lines modified
39443	··-·no_reboot_needed	39443	··-·no_reboot_needed

39444	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	39444	-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
39445	··file:	39445	··file:
39446	····path:·/boot/grub/grub.cfg	39446	····path:·/boot/grub/grub.cfg
39447	····owner:·'0'	39447	····owner:·'0'
39448	··when:	39448	··when:
39449	··-·'"grub2-common"·in·ansible_facts.packages'
39450	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	39449	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		39450	··-·'"grub2-common"·in·ansible_facts.packages'
39451	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	39451	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
39452	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	39452	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
39453	··tags:	39453	··tags:
39454	··-·CJIS-5.5.2.2	39454	··-·CJIS-5.5.2.2
39455	··-·NIST-800-171-3.4.5	39455	··-·NIST-800-171-3.4.5
39456	··-·NIST-800-53-AC-6(1)	39456	··-·NIST-800-53-AC-6(1)
39457	··-·NIST-800-53-CM-6(a)	39457	··-·NIST-800-53-CM-6(a)
Offset 39478, 16 lines modified		Offset 39478, 16 lines modified
39478	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),	39478	············A.8.2.2,·A.8.2.3,·A.9.1.1,·A.9.1.2,·A.9.2.3,·A.9.4.1,·A.9.4.4,·A.9.4.5,·CM-6(a),·AC-6(1),
39479	············PR.AC-4,·PR.DS-5,·1.5.2	39479	············PR.AC-4,·PR.DS-5,·1.5.2
39480	Remediation_Shell_script_⇲	39480	Remediation_Shell_script_⇲
39481	Complexity:·low	39481	Complexity:·low
39482	Disruption:·low	39482	Disruption:·low
39483	Strategy:···configure	39483	Strategy:···configure
39484	#·Remediation·is·applicable·only·in·certain·platforms	39484	#·Remediation·is·applicable·only·in·certain·platforms
39485	if·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>~~/dev~~/~~null·\|·grep·-q·installed·&&~~	39485	if·[·!·-f·/sys/firmware/efi·]·&&·dpkg-query·--show·--showformat='${db:Status-Status}\n'·'grub2-common'·2>/
39486	~~[·!·-f~~·~~/sys/firmware/efi·]~~·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then	39486	dev/null·\|·grep·-q·installed·&&·{·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·};·then

39487	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg	39487	chmod·u-xs,g-xwrs,o-xwrt·/boot/grub/grub.cfg

39488	else	39488	else
39489	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'	39489	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
39490	fi	39490	fi
39491	Remediation_Ansible_snippet_⇲	39491	Remediation_Ansible_snippet_⇲
Offset 39509, 16 lines modified		Offset 39509, 16 lines modified
39509	··-·no_reboot_needed	39509	··-·no_reboot_needed

39510	-·name:·Test·for·existence·/boot/grub/grub.cfg	39510	-·name:·Test·for·existence·/boot/grub/grub.cfg
39511	··stat:	39511	··stat:
39512	····path:·/boot/grub/grub.cfg	39512	····path:·/boot/grub/grub.cfg
39513	··register:·file_exists	39513	··register:·file_exists
39514	··when:	39514	··when:
39515	··-·'"grub2-common"·in·ansible_facts.packages'
39516	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	39515	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		39516	··-·'"grub2-common"·in·ansible_facts.packages'
39517	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	39517	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
39518	··tags:	39518	··tags:
39519	··-·NIST-800-171-3.4.5	39519	··-·NIST-800-171-3.4.5
39520	··-·NIST-800-53-AC-6(1)	39520	··-·NIST-800-53-AC-6(1)
39521	··-·NIST-800-53-CM-6(a)	39521	··-·NIST-800-53-CM-6(a)
39522	··-·configure_strategy	39522	··-·configure_strategy
39523	··-·file_permissions_grub2_cfg	39523	··-·file_permissions_grub2_cfg
Offset 39528, 16 lines modified		Offset 39528, 16 lines modified
39528	··-·no_reboot_needed	39528	··-·no_reboot_needed

39529	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	39529	-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
39530	··file:	39530	··file:
39531	····path:·/boot/grub/grub.cfg	39531	····path:·/boot/grub/grub.cfg
39532	····mode:·u-xs,g-xwrs,o-xwrt	39532	····mode:·u-xs,g-xwrs,o-xwrt
39533	··when:	39533	··when:
39534	··-·'"grub2-common"·in·ansible_facts.packages'
39535	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	39534	··-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		39535	··-·'"grub2-common"·in·ansible_facts.packages'
39536	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	39536	··-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
39537	··-·file_exists.stat·is·defined·and·file_exists.stat.exists	39537	··-·file_exists.stat·is·defined·and·file_exists.stat.exists
39538	··tags:	39538	··tags:
39539	··-·NIST-800-171-3.4.5	39539	··-·NIST-800-171-3.4.5
39540	··-·NIST-800-53-AC-6(1)	39540	··-·NIST-800-53-AC-6(1)
39541	··-·NIST-800-53-CM-6(a)	39541	··-·NIST-800-53-CM-6(a)
39542	··-·configure_strategy	39542	··-·configure_strategy
Offset 47017, 14 lines modified		Offset 47017, 30 lines modified
47017	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,	47017	············CCI-000366,·4.3.3.5.1,·4.3.3.5.2,·4.3.3.5.3,·4.3.3.5.4,·4.3.3.5.5,·4.3.3.5.6,·4.3.3.5.7,
47018	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,	47018	Identifiers·4.3.3.5.8,·4.3.3.6.1,·4.3.3.6.2,·4.3.3.6.3,·4.3.3.6.4,·4.3.3.6.5,·4.3.3.6.6,·4.3.3.6.7,
47019	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,	47019	and·········4.3.3.6.8,·4.3.3.6.9,·4.3.3.7.1,·4.3.3.7.2,·4.3.3.7.3,·4.3.3.7.4,·4.3.4.3.2,·4.3.4.3.3,·SR_1.1,
47020	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR	47020	References··SR_1.10,·SR_1.11,·SR_1.12,·SR_1.13,·SR_1.2,·SR_1.3,·SR_1.4,·SR_1.5,·SR_1.6,·SR_1.7,·SR_1.8,·SR
47021	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,	47021	············1.9,·SR_2.1,·SR_2.2,·SR_2.3,·SR_2.4,·SR_2.5,·SR_2.6,·SR_2.7,·SR_7.6,·A.12.1.2,·A.12.5.1,
47022	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,	47022	············A.12.6.2,·A.14.2.2,·A.14.2.3,·A.14.2.4,·A.9.1.2,·CM-7(a),·CM-7(b),·CM-6(a),·PR.IP-1,·PR.PT-3,
47023	············2.2.3	47023	············2.2.3
		47024	Remediation_OSBuild_Blueprint_snippet_⇲

		47025	[customizations.services]
		47026	disabled·=·["avahi-daemon"]
		47027	Remediation_Puppet_snippet_⇲
		47028	Complexity:·low
		47029	Disruption:·low
		47030	Strategy:···enable
		47031	include·disable_avahi-daemon

		47032	class·disable_avahi-daemon·{
		47033	··service·{'avahi-daemon':
		47034	····enable·=>·false,
		47035	····ensure·=>·'stopped',
Max diff block lines reached; 2796/7887 bytes (35.45%) of diff not shown.


Offset 31332, 112 lines modified		Offset 31332, 112 lines modified
0007a630:·6765·743d·2223·6964·6d33·3436·3534·2220··get="#idm34654"·		0007a630:·6765·743d·2223·6964·6d33·3436·3534·2220··get="#idm34654"·
0007a640:·7461·6269·6e64·6578·3d22·3022·2072·6f6c··tabindex="0"·rol		0007a640:·7461·6269·6e64·6578·3d22·3022·2072·6f6c··tabindex="0"·rol
0007a650:·653d·2262·7574·746f·6e22·2061·7269·612d··e="button"·aria-		0007a650:·653d·2262·7574·746f·6e22·2061·7269·612d··e="button"·aria-
0007a660:·6578·7061·6e64·6564·3d22·6661·6c73·6522··expanded="false"		0007a660:·6578·7061·6e64·6564·3d22·6661·6c73·6522··expanded="false"
0007a670:·2074·6974·6c65·3d22·4163·7469·7661·7465···title="Activate		0007a670:·2074·6974·6c65·3d22·4163·7469·7661·7465···title="Activate
0007a680:·2074·6f20·7265·7665·616c·2220·6872·6566···to·reveal"·href		0007a680:·2074·6f20·7265·7665·616c·2220·6872·6566···to·reveal"·href
0007a690:·3d22·2321·223e·5265·6d65·6469·6174·696f··="#!">Remediatio		0007a690:·3d22·2321·223e·5265·6d65·6469·6174·696f··="#!">Remediatio
		0007a6a0:·6e20·4f53·4275·696c·6420·426c·7565·7072··n·OSBuild·Bluepr
		0007a6b0:·696e·7420·736e·6970·7065·7420·e287·b23c··int·snippet·...<
		0007a6c0:·2f61·3e3c·6272·3e3c·6469·7620·636c·6173··/a><br><div·clas
		0007a6d0:·733d·2270·616e·656c·2d63·6f6c·6c61·7073··s="panel-collaps
		0007a6e0:·6520·636f·6c6c·6170·7365·2220·6964·3d22··e·collapse"·id="
		0007a6f0:·6964·6d33·3436·3534·223e·3c70·7265·3e3c··idm34654"><pre><
		0007a700:·636f·6465·3e0a·5b63·7573·746f·6d69·7a61··code>.[customiza
		0007a710:·7469·6f6e·732e·7365·7276·6963·6573·5d0a··tions.services].
		0007a720:·6469·7361·626c·6564·203d·205b·2261·7070··disabled·=·["app
		0007a730:·6f72·7422·5d0a·3c2f·636f·6465·3e3c·2f70··ort"].</code></p
		0007a740:·7265·3e3c·2f64·6976·3e3c·6120·636c·6173··re></div><a·clas
		0007a750:·733d·2262·746e·2062·746e·2d73·7563·6365··s="btn·btn-succe
		0007a760:·7373·2220·6461·7461·2d74·6f67·676c·653d··ss"·data-toggle=
		0007a770:·2263·6f6c·6c61·7073·6522·2064·6174·612d··"collapse"·data-
		0007a780:·7461·7267·6574·3d22·2369·646d·3334·3635··target="#idm3465
		0007a790:·3522·2074·6162·696e·6465·783d·2230·2220··5"·tabindex="0"·
		0007a7a0:·726f·6c65·3d22·6275·7474·6f6e·2220·6172··role="button"·ar
		0007a7b0:·6961·2d65·7870·616e·6465·643d·2266·616c··ia-expanded="fal
		0007a7c0:·7365·2220·7469·746c·653d·2241·6374·6976··se"·title="Activ
		0007a7d0:·6174·6520·746f·2072·6576·6561·6c22·2068··ate·to·reveal"·h
		0007a7e0:·7265·663d·2223·2122·3e52·656d·6564·6961··ref="#!">Remedia
		0007a7f0:·7469·6f6e·2050·7570·7065·7420·736e·6970··tion·Puppet·snip
		0007a800:·7065·7420·e287·b23c·2f61·3e3c·6272·3e3c··pet·...</a><br><
		0007a810:·6469·7620·636c·6173·733d·2270·616e·656c··div·class="panel
		0007a820:·2d63·6f6c·6c61·7073·6520·636f·6c6c·6170··-collapse·collap
		0007a830:·7365·2220·6964·3d22·6964·6d33·3436·3535··se"·id="idm34655
		0007a840:·223e·3c74·6162·6c65·2063·6c61·7373·3d22··"><table·class="
		0007a850:·7461·626c·6520·7461·626c·652d·7374·7269··table·table-stri
		0007a860:·7065·6420·7461·626c·652d·626f·7264·6572··ped·table-border
		0007a870:·6564·2074·6162·6c65·2d63·6f6e·6465·6e73··ed·table-condens
		0007a880:·6564·223e·3c74·723e·3c74·683e·436f·6d70··ed"><tr><th>Comp
		0007a890:·6c65·7869·7479·3a3c·2f74·683e·3c74·643e··lexity:</th><td>
		0007a8a0:·6c6f·773c·2f74·643e·3c2f·7472·3e3c·7472··low</td></tr><tr
		0007a8b0:·3e3c·7468·3e44·6973·7275·7074·696f·6e3a··><th>Disruption:
		0007a8c0:·3c2f·7468·3e3c·7464·3e6c·6f77·3c2f·7464··</th><td>low</td
		0007a8d0:·3e3c·2f74·723e·3c74·723e·3c74·683e·5374··></tr><tr><th>St
		0007a8e0:·7261·7465·6779·3a3c·2f74·683e·3c74·643e··rategy:</th><td>
		0007a8f0:·656e·6162·6c65·3c2f·7464·3e3c·2f74·723e··enable</td></tr>
		0007a900:·3c2f·7461·626c·653e·3c70·7265·3e3c·636f··</table><pre><co
		0007a910:·6465·3e69·6e63·6c75·6465·2064·6973·6162··de>include·disab
		0007a920:·6c65·5f61·7070·6f72·740a·0a63·6c61·7373··le_apport..class
		0007a930:·2064·6973·6162·6c65·5f61·7070·6f72·7420···disable_apport·
		0007a940:·7b0a·2020·7365·7276·6963·6520·7b27·6170··{.··service·{'ap
		0007a950:·706f·7274·273a·0a20·2020·2065·6e61·626c··port':.····enabl
		0007a960:·6520·3d26·6774·3b20·6661·6c73·652c·0a20··e·=>·false,.·
		0007a970:·2020·2065·6e73·7572·6520·3d26·6774·3b20·····ensure·=>·
		0007a980:·2773·746f·7070·6564·272c·0a20·207d·0a7d··'stopped',.··}.}
		0007a990:·0a3c·2f63·6f64·653e·3c2f·7072·653e·3c2f··.</code></pre></
		0007a9a0:·6469·763e·3c61·2063·6c61·7373·3d22·6274··div><a·class="bt
		0007a9b0:·6e20·6274·6e2d·7375·6363·6573·7322·2064··n·btn-success"·d
		0007a9c0:·6174·612d·746f·6767·6c65·3d22·636f·6c6c··ata-toggle="coll
		0007a9d0:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe
		0007a9e0:·743d·2223·6964·6d33·3436·3536·2220·7461··t="#idm34656"·ta
		0007a9f0:·6269·6e64·6578·3d22·3022·2072·6f6c·653d··bindex="0"·role=
		0007aa00:·2262·7574·746f·6e22·2061·7269·612d·6578··"button"·aria-ex
		0007aa10:·7061·6e64·6564·3d22·6661·6c73·6522·2074··panded="false"·t
		0007aa20:·6974·6c65·3d22·4163·7469·7661·7465·2074··itle="Activate·t
		0007aa30:·6f20·7265·7665·616c·2220·6872·6566·3d22··o·reveal"·href="
		0007aa40:·2321·223e·5265·6d65·6469·6174·696f·6e20··#!">Remediation·
0007a6a0:~~·6e20~~·4b75·6265·726e·6574·6573·2073·6e69··n·Kubernetes·sni		0007aa50:·4b75·6265·726e·6574·6573·2073·6e69·7070··Kubernetes·snipp
0007a6b0:~~·7070~~·6574·20e2·87b2·3c2f·613e·3c62·723e·~~·pp~~et·...</a><br>		0007aa60:·6574·20e2·87b2·3c2f·613e·3c62·723e·3c64··et·...</a><br><d
0007a6c0:~~·3c64~~·6976·2063·6c61·7373·3d22·7061·6e65··<div·class="pane		0007aa70:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-
0007a6d0:~~·6c2d~~·636f·6c6c·6170·7365·2063·6f6c·6c61·~~·l-~~collapse·colla		0007aa80:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps
0007a6e0:~~·7073~~·6522·2069·643d·2269·646d·3334·3635·~~·ps~~e"·id="idm3465		0007aa90:·6522·2069·643d·2269·646d·3334·3635·3622··e"·id="idm34656"
0007a6f0:~~·3422~~·3e3c·7461·626c·6520·636c·6173·733d··4"><table·class=		0007aaa0:·3e3c·7461·626c·6520·636c·6173·733d·2274··><table·class="t
0007a700:~~·2274~~·6162·6c65·2074·6162·6c65·2d73·7472·~~·"t~~able·table-str		0007aab0:·6162·6c65·2074·6162·6c65·2d73·7472·6970··able·table-strip
0007a710:~~·6970~~·6564·2074·6162·6c65·2d62·6f72·6465·~~·ip~~ed·table-borde		0007aac0:·6564·2074·6162·6c65·2d62·6f72·6465·7265··ed·table-bordere
0007a720:~~·7265~~·6420·7461·626c·652d·636f·6e64·656e·~~·re~~d·table-conden		0007aad0:·6420·7461·626c·652d·636f·6e64·656e·7365··d·table-condense
0007a730:~~·7365~~·6422·3e3c·7472·3e3c·7468·3e43·6f6d·~~·se~~d"><tr><th>Com		0007aae0:·6422·3e3c·7472·3e3c·7468·3e43·6f6d·706c··d"><tr><th>Compl
0007a740:~~·706c~~·6578·6974·793a·3c2f·7468·3e3c·7464·~~·pl~~exity:</th><td		0007aaf0:·6578·6974·793a·3c2f·7468·3e3c·7464·3e6c··exity:</th><td>l
0007a750:~~·3e6c~~·6f77·3c2f·7464·3e3c·2f74·723e·3c74·~~·>l~~ow</td></tr><t		0007ab00:·6f77·3c2f·7464·3e3c·2f74·723e·3c74·723e··ow</td></tr><tr>
0007a760:~~·723e~~·3c74·683e·4469·7372·7570·7469·6f6e·~~·r>~~<th>Disruption		0007ab10:·3c74·683e·4469·7372·7570·7469·6f6e·3a3c··<th>Disruption:<
0007a770:~~·3a3c~~·2f74·683e·3c74·643e·6d65·6469·756d·~~·:<~~/th><td>medium		0007ab20:·2f74·683e·3c74·643e·6d65·6469·756d·3c2f··/th><td>medium</
0007a780:~~·3c2f~~·7464·3e3c·2f74·723e·3c74·723e·3c74·~~·</~~td></tr><tr><t		0007ab30:·7464·3e3c·2f74·723e·3c74·723e·3c74·683e··td></tr><tr><th>
0007a790:~~·683e~~·5265·626f·6f74·3a3c·2f74·683e·3c74·~~·h>~~Reboot:</th><t		0007ab40:·5265·626f·6f74·3a3c·2f74·683e·3c74·643e··Reboot:</th><td>
0007a7a0:~~·643e~~·7472·7565·3c2f·7464·3e3c·2f74·723e·~~·d>~~true</td></tr>		0007ab50:·7472·7565·3c2f·7464·3e3c·2f74·723e·3c74··true</td></tr><t
0007a7b0:~~·3c74~~·723e·3c74·683e·5374·7261·7465·6779·~~·<t~~r><th>Strategy		0007ab60:·723e·3c74·683e·5374·7261·7465·6779·3a3c··r><th>Strategy:<
0007a7c0:~~·3a3c~~·2f74·683e·3c74·643e·6469·7361·626c·~~·:<~~/th><td>disabl		0007ab70:·2f74·683e·3c74·643e·6469·7361·626c·653c··/th><td>disable<
0007a7d0:~~·653c~~·2f74·643e·3c2f·7472·3e3c·2f74·6162·~~·e<~~/td></tr></tab		0007ab80:·2f74·643e·3c2f·7472·3e3c·2f74·6162·6c65··/td></tr></table
0007a7e0:~~·6c65~~·3e3c·7072·653e·3c63·6f64·653e·6170·~~·le~~><pre><code>ap		0007ab90:·3e3c·7072·653e·3c63·6f64·653e·6170·6956··><pre><code>apiV
0007a7f0:~~·6956~~·6572·7369·6f6e·3a20·6d61·6368·696e·~~·iV~~ersion:·machin		0007aba0:·6572·7369·6f6e·3a20·6d61·6368·696e·6563··ersion:·machinec
0007a800:~~·6563~~·6f6e·6669·6775·7261·7469·6f6e·2e6f·~~·ec~~onfiguration.o		0007abb0:·6f6e·6669·6775·7261·7469·6f6e·2e6f·7065··onfiguration.ope
0007a810:~~·7065~~·6e73·6869·6674·2e69·6f2f·7631·0a6b··penshift.io/v1.k		0007abc0:·6e73·6869·6674·2e69·6f2f·7631·0a6b·696e··nshift.io/v1.kin
0007a820:~~·696e~~·643a·204d·6163·6869·6e65·436f·6e66·~~·in~~d:·MachineConf		0007abd0:·643a·204d·6163·6869·6e65·436f·6e66·6967··d:·MachineConfig
0007a830:~~·6967~~·0a73·7065·633a·0a20·2063·6f6e·6669·~~·ig~~.spec:.··confi		0007abe0:·0a73·7065·633a·0a20·2063·6f6e·6669·673a··.spec:.··config:
0007a840:~~·673a~~·0a20·2020·2069·676e·6974·696f·6e3a·~~·g:~~.····ignition:		0007abf0:·0a20·2020·2069·676e·6974·696f·6e3a·0a20··.····ignition:.·
0007a850:·0a20·2020·2020·2076·6572·7369·6f6e·3a20··.······version:·		0007ac00:·2020·2020·2076·6572·7369·6f6e·3a20·332e·······version:·3.
0007a860:~~·332e~~·312e·300a·2020·2020·7379·7374·656d··3.1.0.····system		0007ac10:·312e·300a·2020·2020·7379·7374·656d·643a··1.0.····systemd:
0007a870:~~·643a~~·0a20·2020·2020·2075·6e69·7473·3a0a·~~·d:~~.······units:.		0007ac20:·0a20·2020·2020·2075·6e69·7473·3a0a·2020··.······units:.··
0007a880:~~·2020~~·2020·2020·2d20·6e61·6d65·3a20·6170········-·name:·ap		0007ac30:·2020·2020·2d20·6e61·6d65·3a20·6170·706f······-·name:·appo
0007a890:~~·706f~~·7274·2e73·6572·7669·6365·0a20·2020·~~·po~~rt.service.···		0007ac40:·7274·2e73·6572·7669·6365·0a20·2020·2020··rt.service.·····
0007a8a0:~~·2020~~·2020·2065·6e61·626c·6564·3a20·6661·······enabled:·fa		0007ac50:·2020·2065·6e61·626c·6564·3a20·6661·6c73·····enabled:·fals
0007a8b0:~~·6c73~~·650a·2020·2020·2020·2020·6d61·736b·~~·ls~~e.········mask		0007ac60:·650a·2020·2020·2020·2020·6d61·736b·3a20··e.········mask:·
0007a8c0:~~·3a20~~·7472·7565·0a20·2020·2020·202d·206e··:·true.······-·n		0007ac70:·7472·7565·0a20·2020·2020·202d·206e·616d··true.······-·nam
0007a8d0:~~·616d~~·653a·2061·7070·6f72·742e·736f·636b·~~·am~~e:·apport.sock		0007ac80:·653a·2061·7070·6f72·742e·736f·636b·6574··e:·apport.socket
0007a8e0:~~·6574~~·0a20·2020·2020·2020·2065·6e61·626c·~~·et~~.········enabl		0007ac90:·0a20·2020·2020·2020·2065·6e61·626c·6564··.········enabled
0007a8f0:~~·6564~~·3a20·6661·6c73·650a·2020·2020·2020·~~·ed~~:·false.······		0007aca0:·3a20·6661·6c73·650a·2020·2020·2020·2020··:·false.········
0007a900:~~·2020~~·6d61·736b·3a20·7472·7565·0a3c·2f63····mask:·true.</c		0007acb0:·6d61·736b·3a20·7472·7565·0a3c·2f63·6f64··mask:·true.</cod
0007a910:·6f64·653e·3c2f·7072·653e·3c2f·6469·763e··ode></pre></div>
0007a920:·3c61·2063·6c61·7373·3d22·6274·6e20·6274··<a·class="btn·bt
0007a930:·6e2d·7375·6363·6573·7322·2064·6174·612d··n-success"·data-
0007a940:·746f·6767·6c65·3d22·636f·6c6c·6170·7365··toggle="collapse
0007a950:·2220·6461·7461·2d74·6172·6765·743d·2223··"·data-target="#
0007a960:·6964·6d33·3436·3535·2220·7461·6269·6e64··idm34655"·tabind
0007a970:·6578·3d22·3022·2072·6f6c·653d·2262·7574··ex="0"·role="but
0007a980:·746f·6e22·2061·7269·612d·6578·7061·6e64··ton"·aria-expand
0007a990:·6564·3d22·6661·6c73·6522·2074·6974·6c65··ed="false"·title
0007a9a0:·3d22·4163·7469·7661·7465·2074·6f20·7265··="Activate·to·re
0007a9b0:·7665·616c·2220·6872·6566·3d22·2321·223e··veal"·href="#!">
0007a9c0:·5265·6d65·6469·6174·696f·6e20·4f53·4275··Remediation·OSBu
0007a9d0:·696c·6420·426c·7565·7072·696e·7420·736e··ild·Blueprint·sn
0007a9e0:·6970·7065·7420·e287·b23c·2f61·3e3c·6272··ippet·...</a><br
0007a9f0:·3e3c·6469·7620·636c·6173·733d·2270·616e··><div·class="pan
0007aa00:·656c·2d63·6f6c·6c61·7073·6520·636f·6c6c··el-collapse·coll
0007aa10:·6170·7365·2220·6964·3d22·6964·6d33·3436··apse"·id="idm346
0007aa20:·3535·223e·3c70·7265·3e3c·636f·6465·3e0a··55"><pre><code>.
0007aa30:·5b63·7573·746f·6d69·7a61·7469·6f6e·732e··[customizations.
0007aa40:·7365·7276·6963·6573·5d0a·6469·7361·626c··services].disabl
0007aa50:·6564·203d·205b·2261·7070·6f72·7422·5d0a··ed·=·["apport"].
0007aa60:·3c2f·636f·6465·3e3c·2f70·7265·3e3c·2f64··</code></pre></d
Max diff block lines reached; 414/14518 bytes (2.85%) of diff not shown.


Offset 2157, 14 lines modified		Offset 2157, 30 lines modified
2157	$·sudo·systemctl·mask·--now·apport.service	2157	$·sudo·systemctl·mask·--now·apport.service
2158	···························The·Apport·service·modifies·the·kernel·fs.suid_dumpable	2158	···························The·Apport·service·modifies·the·kernel·fs.suid_dumpable
2159	Rationale:·················configuration·at·runtime·which·prevents·other·hardening·from	2159	Rationale:·················configuration·at·runtime·which·prevents·other·hardening·from
2160	···························being·persistent.·Disabling·the·service·prevents·this·behavior.	2160	···························being·persistent.·Disabling·the·service·prevents·this·behavior.
2161	Severity: ················unknown	2161	Severity: ················unknown
2162	Rule·ID:···················xccdf_org.ssgproject.content_rule_service_apport_disabled	2162	Rule·ID:···················xccdf_org.ssgproject.content_rule_service_apport_disabled
2163	Identifiers·and·References	2163	Identifiers·and·References
		2164	Remediation_OSBuild_Blueprint_snippet_⇲

		2165	[customizations.services]
		2166	disabled·=·["apport"]
		2167	Remediation_Puppet_snippet_⇲
		2168	Complexity:·low
		2169	Disruption:·low
		2170	Strategy:···enable
		2171	include·disable_apport

		2172	class·disable_apport·{
		2173	··service·{'apport':
		2174	····enable·=>·false,
		2175	····ensure·=>·'stopped',
		2176	··}
		2177	}
2164	Remediation_Kubernetes_snippet_⇲	2178	Remediation_Kubernetes_snippet_⇲
2165	Complexity:·low	2179	Complexity:·low
2166	Disruption:·medium	2180	Disruption:·medium
2167	Reboot:·····true	2181	Reboot:·····true
2168	Strategy:···disable	2182	Strategy:···disable
2169	apiVersion:·machineconfiguration.openshift.io/v1	2183	apiVersion:·machineconfiguration.openshift.io/v1
2170	kind:·MachineConfig	2184	kind:·MachineConfig
Offset 2176, 30 lines modified		Offset 2192, 14 lines modified
2176	······units:	2192	······units:
2177	······-·name:·apport.service	2193	······-·name:·apport.service
2178	········enabled:·false	2194	········enabled:·false
2179	········mask:·true	2195	········mask:·true
2180	······-·name:·apport.socket	2196	······-·name:·apport.socket
2181	········enabled:·false	2197	········enabled:·false
2182	········mask:·true	2198	········mask:·true
2183	Remediation_OSBuild_Blueprint_snippet_⇲

2184	[customizations.services]
2185	disabled·=·["apport"]
2186	Remediation_Puppet_snippet_⇲
2187	Complexity:·low
2188	Disruption:·low
2189	Strategy:···enable
2190	include·disable_apport

2191	class·disable_apport·{
2192	··service·{'apport':
2193	····enable·=>·false,
2194	····ensure·=>·'stopped',
2195	··}
2196	}
2197	Remediation_Shell_script_⇲	2199	Remediation_Shell_script_⇲
2198	Complexity:·low	2200	Complexity:·low
2199	Disruption:·low	2201	Disruption:·low
2200	Strategy:···disable	2202	Strategy:···disable


2201	SYSTEMCTL_EXEC='/usr/bin/systemctl'	2203	SYSTEMCTL_EXEC='/usr/bin/systemctl'


Offset 1092, 16 lines modified		Offset 1092, 16 lines modified
1092	······-·no_reboot_needed	1092	······-·no_reboot_needed

1093	····-·name:·Test·for·existence·/boot/grub/grub.cfg	1093	····-·name:·Test·for·existence·/boot/grub/grub.cfg
1094	······stat:	1094	······stat:
1095	········path:·/boot/grub/grub.cfg	1095	········path:·/boot/grub/grub.cfg
1096	······register:·file_exists	1096	······register:·file_exists
1097	······when:	1097	······when:
1098	······-·'"grub2-common"·in·ansible_facts.packages'
1099	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1098	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1099	······-·'"grub2-common"·in·ansible_facts.packages'
1100	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1100	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1101	······tags:	1101	······tags:
1102	······-·CJIS-5.5.2.2	1102	······-·CJIS-5.5.2.2
1103	······-·NIST-800-171-3.4.5	1103	······-·NIST-800-171-3.4.5
1104	······-·NIST-800-53-AC-6(1)	1104	······-·NIST-800-53-AC-6(1)
1105	······-·NIST-800-53-CM-6(a)	1105	······-·NIST-800-53-CM-6(a)
1106	······-·PCI-DSS-Req-7.1	1106	······-·PCI-DSS-Req-7.1
Offset 1113, 16 lines modified		Offset 1113, 16 lines modified
1113	······-·no_reboot_needed	1113	······-·no_reboot_needed

1114	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	1114	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
1115	······file:	1115	······file:
1116	········path:·/boot/grub/grub.cfg	1116	········path:·/boot/grub/grub.cfg
1117	········owner:·'0'	1117	········owner:·'0'
1118	······when:	1118	······when:
1119	······-·'"grub2-common"·in·ansible_facts.packages'
1120	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1119	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1120	······-·'"grub2-common"·in·ansible_facts.packages'
1121	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1121	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1122	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	1122	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
1123	······tags:	1123	······tags:
1124	······-·CJIS-5.5.2.2	1124	······-·CJIS-5.5.2.2
1125	······-·NIST-800-171-3.4.5	1125	······-·NIST-800-171-3.4.5
1126	······-·NIST-800-53-AC-6(1)	1126	······-·NIST-800-53-AC-6(1)
1127	······-·NIST-800-53-CM-6(a)	1127	······-·NIST-800-53-CM-6(a)
Offset 1150, 16 lines modified		Offset 1150, 16 lines modified
1150	······-·no_reboot_needed	1150	······-·no_reboot_needed

1151	····-·name:·Test·for·existence·/boot/grub/grub.cfg	1151	····-·name:·Test·for·existence·/boot/grub/grub.cfg
1152	······stat:	1152	······stat:
1153	········path:·/boot/grub/grub.cfg	1153	········path:·/boot/grub/grub.cfg
1154	······register:·file_exists	1154	······register:·file_exists
1155	······when:	1155	······when:
1156	······-·'"grub2-common"·in·ansible_facts.packages'
1157	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1156	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1157	······-·'"grub2-common"·in·ansible_facts.packages'
1158	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1158	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1159	······tags:	1159	······tags:
1160	······-·NIST-800-171-3.4.5	1160	······-·NIST-800-171-3.4.5
1161	······-·NIST-800-53-AC-6(1)	1161	······-·NIST-800-53-AC-6(1)
1162	······-·NIST-800-53-CM-6(a)	1162	······-·NIST-800-53-CM-6(a)
1163	······-·configure_strategy	1163	······-·configure_strategy
1164	······-·file_permissions_grub2_cfg	1164	······-·file_permissions_grub2_cfg
Offset 1169, 16 lines modified		Offset 1169, 16 lines modified
1169	······-·no_reboot_needed	1169	······-·no_reboot_needed

1170	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	1170	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
1171	······file:	1171	······file:
1172	········path:·/boot/grub/grub.cfg	1172	········path:·/boot/grub/grub.cfg
1173	········mode:·u-xs,g-xwrs,o-xwrt	1173	········mode:·u-xs,g-xwrs,o-xwrt
1174	······when:	1174	······when:
1175	······-·'"grub2-common"·in·ansible_facts.packages'
1176	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1175	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1176	······-·'"grub2-common"·in·ansible_facts.packages'
1177	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1177	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1178	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	1178	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
1179	······tags:	1179	······tags:
1180	······-·NIST-800-171-3.4.5	1180	······-·NIST-800-171-3.4.5
1181	······-·NIST-800-53-AC-6(1)	1181	······-·NIST-800-53-AC-6(1)
1182	······-·NIST-800-53-CM-6(a)	1182	······-·NIST-800-53-CM-6(a)
1183	······-·configure_strategy	1183	······-·configure_strategy


Offset 1061, 16 lines modified		Offset 1061, 16 lines modified
1061	······-·no_reboot_needed	1061	······-·no_reboot_needed

1062	····-·name:·Test·for·existence·/boot/grub/grub.cfg	1062	····-·name:·Test·for·existence·/boot/grub/grub.cfg
1063	······stat:	1063	······stat:
1064	········path:·/boot/grub/grub.cfg	1064	········path:·/boot/grub/grub.cfg
1065	······register:·file_exists	1065	······register:·file_exists
1066	······when:	1066	······when:
1067	······-·'"grub2-common"·in·ansible_facts.packages'
1068	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1067	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1068	······-·'"grub2-common"·in·ansible_facts.packages'
1069	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1069	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1070	······tags:	1070	······tags:
1071	······-·CJIS-5.5.2.2	1071	······-·CJIS-5.5.2.2
1072	······-·NIST-800-171-3.4.5	1072	······-·NIST-800-171-3.4.5
1073	······-·NIST-800-53-AC-6(1)	1073	······-·NIST-800-53-AC-6(1)
1074	······-·NIST-800-53-CM-6(a)	1074	······-·NIST-800-53-CM-6(a)
1075	······-·PCI-DSS-Req-7.1	1075	······-·PCI-DSS-Req-7.1
Offset 1082, 16 lines modified		Offset 1082, 16 lines modified
1082	······-·no_reboot_needed	1082	······-·no_reboot_needed

1083	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	1083	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
1084	······file:	1084	······file:
1085	········path:·/boot/grub/grub.cfg	1085	········path:·/boot/grub/grub.cfg
1086	········owner:·'0'	1086	········owner:·'0'
1087	······when:	1087	······when:
1088	······-·'"grub2-common"·in·ansible_facts.packages'
1089	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1088	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1089	······-·'"grub2-common"·in·ansible_facts.packages'
1090	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1090	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1091	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	1091	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
1092	······tags:	1092	······tags:
1093	······-·CJIS-5.5.2.2	1093	······-·CJIS-5.5.2.2
1094	······-·NIST-800-171-3.4.5	1094	······-·NIST-800-171-3.4.5
1095	······-·NIST-800-53-AC-6(1)	1095	······-·NIST-800-53-AC-6(1)
1096	······-·NIST-800-53-CM-6(a)	1096	······-·NIST-800-53-CM-6(a)
Offset 1119, 16 lines modified		Offset 1119, 16 lines modified
1119	······-·no_reboot_needed	1119	······-·no_reboot_needed

1120	····-·name:·Test·for·existence·/boot/grub/grub.cfg	1120	····-·name:·Test·for·existence·/boot/grub/grub.cfg
1121	······stat:	1121	······stat:
1122	········path:·/boot/grub/grub.cfg	1122	········path:·/boot/grub/grub.cfg
1123	······register:·file_exists	1123	······register:·file_exists
1124	······when:	1124	······when:
1125	······-·'"grub2-common"·in·ansible_facts.packages'
1126	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1125	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1126	······-·'"grub2-common"·in·ansible_facts.packages'
1127	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1127	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1128	······tags:	1128	······tags:
1129	······-·NIST-800-171-3.4.5	1129	······-·NIST-800-171-3.4.5
1130	······-·NIST-800-53-AC-6(1)	1130	······-·NIST-800-53-AC-6(1)
1131	······-·NIST-800-53-CM-6(a)	1131	······-·NIST-800-53-CM-6(a)
1132	······-·configure_strategy	1132	······-·configure_strategy
1133	······-·file_permissions_grub2_cfg	1133	······-·file_permissions_grub2_cfg
Offset 1138, 16 lines modified		Offset 1138, 16 lines modified
1138	······-·no_reboot_needed	1138	······-·no_reboot_needed

1139	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	1139	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
1140	······file:	1140	······file:
1141	········path:·/boot/grub/grub.cfg	1141	········path:·/boot/grub/grub.cfg
1142	········mode:·u-xs,g-xwrs,o-xwrt	1142	········mode:·u-xs,g-xwrs,o-xwrt
1143	······when:	1143	······when:
1144	······-·'"grub2-common"·in·ansible_facts.packages'
1145	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1144	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1145	······-·'"grub2-common"·in·ansible_facts.packages'
1146	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1146	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1147	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	1147	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
1148	······tags:	1148	······tags:
1149	······-·NIST-800-171-3.4.5	1149	······-·NIST-800-171-3.4.5
1150	······-·NIST-800-53-AC-6(1)	1150	······-·NIST-800-53-AC-6(1)
1151	······-·NIST-800-53-CM-6(a)	1151	······-·NIST-800-53-CM-6(a)
1152	······-·configure_strategy	1152	······-·configure_strategy


Offset 1183, 16 lines modified		Offset 1183, 16 lines modified

1183	····-·name:·Collect·all·files·from·/etc/audit/rules.d·with·.rules·extension	1183	····-·name:·Collect·all·files·from·/etc/audit/rules.d·with·.rules·extension
1184	······find:	1184	······find:
1185	········paths:·/etc/audit/rules.d/	1185	········paths:·/etc/audit/rules.d/
1186	········patterns:·'*.rules'	1186	········patterns:·'*.rules'
1187	······register:·find_rules_d	1187	······register:·find_rules_d
1188	······when:	1188	······when:
1189	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1190	······-·'"auditd"·in·ansible_facts.packages'	1189	······-·'"auditd"·in·ansible_facts.packages'
		1190	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1191	······tags:	1191	······tags:
1192	······-·CJIS-5.4.1.1	1192	······-·CJIS-5.4.1.1
1193	······-·NIST-800-171-3.3.1	1193	······-·NIST-800-171-3.3.1
1194	······-·NIST-800-171-3.4.3	1194	······-·NIST-800-171-3.4.3
1195	······-·NIST-800-53-AC-6(9)	1195	······-·NIST-800-53-AC-6(9)
1196	······-·NIST-800-53-CM-6(a)	1196	······-·NIST-800-53-CM-6(a)
1197	······-·PCI-DSS-Req-10.5.2	1197	······-·PCI-DSS-Req-10.5.2
Offset 1207, 16 lines modified		Offset 1207, 16 lines modified
1207	······lineinfile:	1207	······lineinfile:
1208	········path:·'{{·item·}}'	1208	········path:·'{{·item·}}'
1209	········regexp:·^\s(?:-e)\s+.$	1209	········regexp:·^\s(?:-e)\s+.$
1210	········state:·absent	1210	········state:·absent
1211	······loop:·'{{·find_rules_d.files·\|·map(attribute=''path'')·\|·list·+·[''/etc/audit/audit.rules'']	1211	······loop:·'{{·find_rules_d.files·\|·map(attribute=''path'')·\|·list·+·[''/etc/audit/audit.rules'']
1212	········}}'	1212	········}}'
1213	······when:	1213	······when:
1214	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1215	······-·'"auditd"·in·ansible_facts.packages'	1214	······-·'"auditd"·in·ansible_facts.packages'
		1215	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1216	······tags:	1216	······tags:
1217	······-·CJIS-5.4.1.1	1217	······-·CJIS-5.4.1.1
1218	······-·NIST-800-171-3.3.1	1218	······-·NIST-800-171-3.3.1
1219	······-·NIST-800-171-3.4.3	1219	······-·NIST-800-171-3.4.3
1220	······-·NIST-800-53-AC-6(9)	1220	······-·NIST-800-53-AC-6(9)
1221	······-·NIST-800-53-CM-6(a)	1221	······-·NIST-800-53-CM-6(a)
1222	······-·PCI-DSS-Req-10.5.2	1222	······-·PCI-DSS-Req-10.5.2
Offset 1233, 16 lines modified		Offset 1233, 16 lines modified
1233	········create:·true	1233	········create:·true
1234	········line:·-e·2	1234	········line:·-e·2
1235	········mode:·o-rwx	1235	········mode:·o-rwx
1236	······loop:	1236	······loop:
1237	······-·/etc/audit/audit.rules	1237	······-·/etc/audit/audit.rules
1238	······-·/etc/audit/rules.d/immutable.rules	1238	······-·/etc/audit/rules.d/immutable.rules
1239	······when:	1239	······when:
1240	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1241	······-·'"auditd"·in·ansible_facts.packages'	1240	······-·'"auditd"·in·ansible_facts.packages'
		1241	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1242	······tags:	1242	······tags:
1243	······-·CJIS-5.4.1.1	1243	······-·CJIS-5.4.1.1
1244	······-·NIST-800-171-3.3.1	1244	······-·NIST-800-171-3.3.1
1245	······-·NIST-800-171-3.4.3	1245	······-·NIST-800-171-3.4.3
1246	······-·NIST-800-53-AC-6(9)	1246	······-·NIST-800-53-AC-6(9)
1247	······-·NIST-800-53-CM-6(a)	1247	······-·NIST-800-53-CM-6(a)
1248	······-·PCI-DSS-Req-10.5.2	1248	······-·PCI-DSS-Req-10.5.2
Offset 1277, 16 lines modified		Offset 1277, 16 lines modified
1277	····-·name:·Check·if·watch·rule·for·/etc/sudoers·already·exists·in·/etc/audit/rules.d/	1277	····-·name:·Check·if·watch·rule·for·/etc/sudoers·already·exists·in·/etc/audit/rules.d/
1278	······find:	1278	······find:
1279	········paths:·/etc/audit/rules.d	1279	········paths:·/etc/audit/rules.d
1280	········contains:·^\s*-w\s+/etc/sudoers\s+-p\s+wa(\s\|$)+	1280	········contains:·^\s*-w\s+/etc/sudoers\s+-p\s+wa(\s\|$)+
1281	········patterns:·'*.rules'	1281	········patterns:·'*.rules'
1282	······register:·find_existing_watch_rules_d	1282	······register:·find_existing_watch_rules_d
1283	······when:	1283	······when:
1284	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1285	······-·'"auditd"·in·ansible_facts.packages'	1284	······-·'"auditd"·in·ansible_facts.packages'
		1285	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1286	······tags:	1286	······tags:
1287	······-·CJIS-5.4.1.1	1287	······-·CJIS-5.4.1.1
1288	······-·NIST-800-171-3.1.7	1288	······-·NIST-800-171-3.1.7
1289	······-·NIST-800-53-AC-2(7)(b)	1289	······-·NIST-800-53-AC-2(7)(b)
1290	······-·NIST-800-53-AC-6(9)	1290	······-·NIST-800-53-AC-6(9)
1291	······-·NIST-800-53-AU-12(c)	1291	······-·NIST-800-53-AU-12(c)
1292	······-·NIST-800-53-AU-2(d)	1292	······-·NIST-800-53-AU-2(d)
Offset 1303, 16 lines modified		Offset 1303, 16 lines modified
1303	····-·name:·Search·/etc/audit/rules.d·for·other·rules·with·specified·key·actions	1303	····-·name:·Search·/etc/audit/rules.d·for·other·rules·with·specified·key·actions
1304	······find:	1304	······find:
1305	········paths:·/etc/audit/rules.d	1305	········paths:·/etc/audit/rules.d
1306	········contains:·^.*(?:-F·key=\|-k\s+)actions$	1306	········contains:·^.*(?:-F·key=\|-k\s+)actions$
1307	········patterns:·'*.rules'	1307	········patterns:·'*.rules'
1308	······register:·find_watch_key	1308	······register:·find_watch_key
1309	······when:	1309	······when:
1310	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1311	······-·'"auditd"·in·ansible_facts.packages'	1310	······-·'"auditd"·in·ansible_facts.packages'
		1311	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1312	······-·find_existing_watch_rules_d.matched·is·defined·and·find_existing_watch_rules_d.matched	1312	······-·find_existing_watch_rules_d.matched·is·defined·and·find_existing_watch_rules_d.matched
1313	········==·0	1313	········==·0
1314	······tags:	1314	······tags:
1315	······-·CJIS-5.4.1.1	1315	······-·CJIS-5.4.1.1
1316	······-·NIST-800-171-3.1.7	1316	······-·NIST-800-171-3.1.7
1317	······-·NIST-800-53-AC-2(7)(b)	1317	······-·NIST-800-53-AC-2(7)(b)
1318	······-·NIST-800-53-AC-6(9)	1318	······-·NIST-800-53-AC-6(9)
Offset 1329, 16 lines modified		Offset 1329, 16 lines modified
1329	······-·restrict_strategy	1329	······-·restrict_strategy

1330	····-·name:·Use·/etc/audit/rules.d/actions.rules·as·the·recipient·for·the·rule	1330	····-·name:·Use·/etc/audit/rules.d/actions.rules·as·the·recipient·for·the·rule
1331	······set_fact:	1331	······set_fact:
1332	········all_files:	1332	········all_files:
1333	········-·/etc/audit/rules.d/actions.rules	1333	········-·/etc/audit/rules.d/actions.rules
1334	······when:	1334	······when:
1335	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1336	······-·'"auditd"·in·ansible_facts.packages'	1335	······-·'"auditd"·in·ansible_facts.packages'
		1336	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1337	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·==·0·and·find_existing_watch_rules_d.matched	1337	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·==·0·and·find_existing_watch_rules_d.matched
1338	········is·defined·and·find_existing_watch_rules_d.matched·==·0	1338	········is·defined·and·find_existing_watch_rules_d.matched·==·0
1339	······tags:	1339	······tags:
1340	······-·CJIS-5.4.1.1	1340	······-·CJIS-5.4.1.1
1341	······-·NIST-800-171-3.1.7	1341	······-·NIST-800-171-3.1.7
1342	······-·NIST-800-53-AC-2(7)(b)	1342	······-·NIST-800-53-AC-2(7)(b)
1343	······-·NIST-800-53-AC-6(9)	1343	······-·NIST-800-53-AC-6(9)
Offset 1355, 16 lines modified		Offset 1355, 16 lines modified
1355	······-·restrict_strategy	1355	······-·restrict_strategy

1356	····-·name:·Use·matched·file·as·the·recipient·for·the·rule	1356	····-·name:·Use·matched·file·as·the·recipient·for·the·rule
1357	······set_fact:	1357	······set_fact:
1358	········all_files:	1358	········all_files:
1359	········-·'{{·find_watch_key.files·\|·map(attribute=''path'')·\|·list·\|·first·}}'	1359	········-·'{{·find_watch_key.files·\|·map(attribute=''path'')·\|·list·\|·first·}}'
1360	······when:	1360	······when:
1361	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1362	······-·'"auditd"·in·ansible_facts.packages'	1361	······-·'"auditd"·in·ansible_facts.packages'
		1362	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1363	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·>·0·and·find_existing_watch_rules_d.matched	1363	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·>·0·and·find_existing_watch_rules_d.matched
1364	········is·defined·and·find_existing_watch_rules_d.matched·==·0	1364	········is·defined·and·find_existing_watch_rules_d.matched·==·0
1365	······tags:	1365	······tags:
1366	······-·CJIS-5.4.1.1	1366	······-·CJIS-5.4.1.1
1367	······-·NIST-800-171-3.1.7	1367	······-·NIST-800-171-3.1.7
1368	······-·NIST-800-53-AC-2(7)(b)	1368	······-·NIST-800-53-AC-2(7)(b)
1369	······-·NIST-800-53-AC-6(9)	1369	······-·NIST-800-53-AC-6(9)
Offset 1383, 16 lines modified		Offset 1383, 16 lines modified
1383	····-·name:·Add·watch·rule·for·/etc/sudoers·in·/etc/audit/rules.d/	1383	····-·name:·Add·watch·rule·for·/etc/sudoers·in·/etc/audit/rules.d/
Max diff block lines reached; 133550/138587 bytes (96.37%) of diff not shown.


Offset 1152, 16 lines modified		Offset 1152, 16 lines modified

1152	····-·name:·Collect·all·files·from·/etc/audit/rules.d·with·.rules·extension	1152	····-·name:·Collect·all·files·from·/etc/audit/rules.d·with·.rules·extension
1153	······find:	1153	······find:
1154	········paths:·/etc/audit/rules.d/	1154	········paths:·/etc/audit/rules.d/
1155	········patterns:·'*.rules'	1155	········patterns:·'*.rules'
1156	······register:·find_rules_d	1156	······register:·find_rules_d
1157	······when:	1157	······when:
1158	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1159	······-·'"auditd"·in·ansible_facts.packages'	1158	······-·'"auditd"·in·ansible_facts.packages'
		1159	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1160	······tags:	1160	······tags:
1161	······-·CJIS-5.4.1.1	1161	······-·CJIS-5.4.1.1
1162	······-·NIST-800-171-3.3.1	1162	······-·NIST-800-171-3.3.1
1163	······-·NIST-800-171-3.4.3	1163	······-·NIST-800-171-3.4.3
1164	······-·NIST-800-53-AC-6(9)	1164	······-·NIST-800-53-AC-6(9)
1165	······-·NIST-800-53-CM-6(a)	1165	······-·NIST-800-53-CM-6(a)
1166	······-·PCI-DSS-Req-10.5.2	1166	······-·PCI-DSS-Req-10.5.2
Offset 1176, 16 lines modified		Offset 1176, 16 lines modified
1176	······lineinfile:	1176	······lineinfile:
1177	········path:·'{{·item·}}'	1177	········path:·'{{·item·}}'
1178	········regexp:·^\s(?:-e)\s+.$	1178	········regexp:·^\s(?:-e)\s+.$
1179	········state:·absent	1179	········state:·absent
1180	······loop:·'{{·find_rules_d.files·\|·map(attribute=''path'')·\|·list·+·[''/etc/audit/audit.rules'']	1180	······loop:·'{{·find_rules_d.files·\|·map(attribute=''path'')·\|·list·+·[''/etc/audit/audit.rules'']
1181	········}}'	1181	········}}'
1182	······when:	1182	······when:
1183	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1184	······-·'"auditd"·in·ansible_facts.packages'	1183	······-·'"auditd"·in·ansible_facts.packages'
		1184	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1185	······tags:	1185	······tags:
1186	······-·CJIS-5.4.1.1	1186	······-·CJIS-5.4.1.1
1187	······-·NIST-800-171-3.3.1	1187	······-·NIST-800-171-3.3.1
1188	······-·NIST-800-171-3.4.3	1188	······-·NIST-800-171-3.4.3
1189	······-·NIST-800-53-AC-6(9)	1189	······-·NIST-800-53-AC-6(9)
1190	······-·NIST-800-53-CM-6(a)	1190	······-·NIST-800-53-CM-6(a)
1191	······-·PCI-DSS-Req-10.5.2	1191	······-·PCI-DSS-Req-10.5.2
Offset 1202, 16 lines modified		Offset 1202, 16 lines modified
1202	········create:·true	1202	········create:·true
1203	········line:·-e·2	1203	········line:·-e·2
1204	········mode:·o-rwx	1204	········mode:·o-rwx
1205	······loop:	1205	······loop:
1206	······-·/etc/audit/audit.rules	1206	······-·/etc/audit/audit.rules
1207	······-·/etc/audit/rules.d/immutable.rules	1207	······-·/etc/audit/rules.d/immutable.rules
1208	······when:	1208	······when:
1209	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1210	······-·'"auditd"·in·ansible_facts.packages'	1209	······-·'"auditd"·in·ansible_facts.packages'
		1210	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1211	······tags:	1211	······tags:
1212	······-·CJIS-5.4.1.1	1212	······-·CJIS-5.4.1.1
1213	······-·NIST-800-171-3.3.1	1213	······-·NIST-800-171-3.3.1
1214	······-·NIST-800-171-3.4.3	1214	······-·NIST-800-171-3.4.3
1215	······-·NIST-800-53-AC-6(9)	1215	······-·NIST-800-53-AC-6(9)
1216	······-·NIST-800-53-CM-6(a)	1216	······-·NIST-800-53-CM-6(a)
1217	······-·PCI-DSS-Req-10.5.2	1217	······-·PCI-DSS-Req-10.5.2
Offset 1246, 16 lines modified		Offset 1246, 16 lines modified
1246	····-·name:·Check·if·watch·rule·for·/etc/sudoers·already·exists·in·/etc/audit/rules.d/	1246	····-·name:·Check·if·watch·rule·for·/etc/sudoers·already·exists·in·/etc/audit/rules.d/
1247	······find:	1247	······find:
1248	········paths:·/etc/audit/rules.d	1248	········paths:·/etc/audit/rules.d
1249	········contains:·^\s*-w\s+/etc/sudoers\s+-p\s+wa(\s\|$)+	1249	········contains:·^\s*-w\s+/etc/sudoers\s+-p\s+wa(\s\|$)+
1250	········patterns:·'*.rules'	1250	········patterns:·'*.rules'
1251	······register:·find_existing_watch_rules_d	1251	······register:·find_existing_watch_rules_d
1252	······when:	1252	······when:
1253	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1254	······-·'"auditd"·in·ansible_facts.packages'	1253	······-·'"auditd"·in·ansible_facts.packages'
		1254	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1255	······tags:	1255	······tags:
1256	······-·CJIS-5.4.1.1	1256	······-·CJIS-5.4.1.1
1257	······-·NIST-800-171-3.1.7	1257	······-·NIST-800-171-3.1.7
1258	······-·NIST-800-53-AC-2(7)(b)	1258	······-·NIST-800-53-AC-2(7)(b)
1259	······-·NIST-800-53-AC-6(9)	1259	······-·NIST-800-53-AC-6(9)
1260	······-·NIST-800-53-AU-12(c)	1260	······-·NIST-800-53-AU-12(c)
1261	······-·NIST-800-53-AU-2(d)	1261	······-·NIST-800-53-AU-2(d)
Offset 1272, 16 lines modified		Offset 1272, 16 lines modified
1272	····-·name:·Search·/etc/audit/rules.d·for·other·rules·with·specified·key·actions	1272	····-·name:·Search·/etc/audit/rules.d·for·other·rules·with·specified·key·actions
1273	······find:	1273	······find:
1274	········paths:·/etc/audit/rules.d	1274	········paths:·/etc/audit/rules.d
1275	········contains:·^.*(?:-F·key=\|-k\s+)actions$	1275	········contains:·^.*(?:-F·key=\|-k\s+)actions$
1276	········patterns:·'*.rules'	1276	········patterns:·'*.rules'
1277	······register:·find_watch_key	1277	······register:·find_watch_key
1278	······when:	1278	······when:
1279	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1280	······-·'"auditd"·in·ansible_facts.packages'	1279	······-·'"auditd"·in·ansible_facts.packages'
		1280	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1281	······-·find_existing_watch_rules_d.matched·is·defined·and·find_existing_watch_rules_d.matched	1281	······-·find_existing_watch_rules_d.matched·is·defined·and·find_existing_watch_rules_d.matched
1282	········==·0	1282	········==·0
1283	······tags:	1283	······tags:
1284	······-·CJIS-5.4.1.1	1284	······-·CJIS-5.4.1.1
1285	······-·NIST-800-171-3.1.7	1285	······-·NIST-800-171-3.1.7
1286	······-·NIST-800-53-AC-2(7)(b)	1286	······-·NIST-800-53-AC-2(7)(b)
1287	······-·NIST-800-53-AC-6(9)	1287	······-·NIST-800-53-AC-6(9)
Offset 1298, 16 lines modified		Offset 1298, 16 lines modified
1298	······-·restrict_strategy	1298	······-·restrict_strategy

1299	····-·name:·Use·/etc/audit/rules.d/actions.rules·as·the·recipient·for·the·rule	1299	····-·name:·Use·/etc/audit/rules.d/actions.rules·as·the·recipient·for·the·rule
1300	······set_fact:	1300	······set_fact:
1301	········all_files:	1301	········all_files:
1302	········-·/etc/audit/rules.d/actions.rules	1302	········-·/etc/audit/rules.d/actions.rules
1303	······when:	1303	······when:
1304	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1305	······-·'"auditd"·in·ansible_facts.packages'	1304	······-·'"auditd"·in·ansible_facts.packages'
		1305	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1306	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·==·0·and·find_existing_watch_rules_d.matched	1306	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·==·0·and·find_existing_watch_rules_d.matched
1307	········is·defined·and·find_existing_watch_rules_d.matched·==·0	1307	········is·defined·and·find_existing_watch_rules_d.matched·==·0
1308	······tags:	1308	······tags:
1309	······-·CJIS-5.4.1.1	1309	······-·CJIS-5.4.1.1
1310	······-·NIST-800-171-3.1.7	1310	······-·NIST-800-171-3.1.7
1311	······-·NIST-800-53-AC-2(7)(b)	1311	······-·NIST-800-53-AC-2(7)(b)
1312	······-·NIST-800-53-AC-6(9)	1312	······-·NIST-800-53-AC-6(9)
Offset 1324, 16 lines modified		Offset 1324, 16 lines modified
1324	······-·restrict_strategy	1324	······-·restrict_strategy

1325	····-·name:·Use·matched·file·as·the·recipient·for·the·rule	1325	····-·name:·Use·matched·file·as·the·recipient·for·the·rule
1326	······set_fact:	1326	······set_fact:
1327	········all_files:	1327	········all_files:
1328	········-·'{{·find_watch_key.files·\|·map(attribute=''path'')·\|·list·\|·first·}}'	1328	········-·'{{·find_watch_key.files·\|·map(attribute=''path'')·\|·list·\|·first·}}'
1329	······when:	1329	······when:
1330	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1331	······-·'"auditd"·in·ansible_facts.packages'	1330	······-·'"auditd"·in·ansible_facts.packages'
		1331	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1332	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·>·0·and·find_existing_watch_rules_d.matched	1332	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·>·0·and·find_existing_watch_rules_d.matched
1333	········is·defined·and·find_existing_watch_rules_d.matched·==·0	1333	········is·defined·and·find_existing_watch_rules_d.matched·==·0
1334	······tags:	1334	······tags:
1335	······-·CJIS-5.4.1.1	1335	······-·CJIS-5.4.1.1
1336	······-·NIST-800-171-3.1.7	1336	······-·NIST-800-171-3.1.7
1337	······-·NIST-800-53-AC-2(7)(b)	1337	······-·NIST-800-53-AC-2(7)(b)
1338	······-·NIST-800-53-AC-6(9)	1338	······-·NIST-800-53-AC-6(9)
Offset 1352, 16 lines modified		Offset 1352, 16 lines modified
1352	····-·name:·Add·watch·rule·for·/etc/sudoers·in·/etc/audit/rules.d/	1352	····-·name:·Add·watch·rule·for·/etc/sudoers·in·/etc/audit/rules.d/
Max diff block lines reached; 133550/138587 bytes (96.37%) of diff not shown.


Offset 779, 16 lines modified		Offset 779, 16 lines modified
779	····-·name:·Check·if·watch·rule·for·/etc/group·already·exists·in·/etc/audit/rules.d/	779	····-·name:·Check·if·watch·rule·for·/etc/group·already·exists·in·/etc/audit/rules.d/
780	······find:	780	······find:
781	········paths:·/etc/audit/rules.d	781	········paths:·/etc/audit/rules.d
782	········contains:·^\s*-w\s+/etc/group\s+-p\s+wa(\s\|$)+	782	········contains:·^\s*-w\s+/etc/group\s+-p\s+wa(\s\|$)+
783	········patterns:·'*.rules'	783	········patterns:·'*.rules'
784	······register:·find_existing_watch_rules_d	784	······register:·find_existing_watch_rules_d
785	······when:	785	······when:
786	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
787	······-·'"auditd"·in·ansible_facts.packages'	786	······-·'"auditd"·in·ansible_facts.packages'
		787	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
788	······tags:	788	······tags:
789	······-·CJIS-5.4.1.1	789	······-·CJIS-5.4.1.1
790	······-·DISA-STIG-UBTU-20-010101	790	······-·DISA-STIG-UBTU-20-010101
791	······-·NIST-800-171-3.1.7	791	······-·NIST-800-171-3.1.7
792	······-·NIST-800-53-AC-2(4)	792	······-·NIST-800-53-AC-2(4)
793	······-·NIST-800-53-AC-6(9)	793	······-·NIST-800-53-AC-6(9)
794	······-·NIST-800-53-AU-12(c)	794	······-·NIST-800-53-AU-12(c)
Offset 805, 16 lines modified		Offset 805, 16 lines modified
805	····-·name:·Search·/etc/audit/rules.d·for·other·rules·with·specified·key·audit_rules_usergroup_modification	805	····-·name:·Search·/etc/audit/rules.d·for·other·rules·with·specified·key·audit_rules_usergroup_modification
806	······find:	806	······find:
807	········paths:·/etc/audit/rules.d	807	········paths:·/etc/audit/rules.d
808	········contains:·^.*(?:-F·key=\|-k\s+)audit_rules_usergroup_modification$	808	········contains:·^.*(?:-F·key=\|-k\s+)audit_rules_usergroup_modification$
809	········patterns:·'*.rules'	809	········patterns:·'*.rules'
810	······register:·find_watch_key	810	······register:·find_watch_key
811	······when:	811	······when:
812	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
813	······-·'"auditd"·in·ansible_facts.packages'	812	······-·'"auditd"·in·ansible_facts.packages'
		813	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
814	······-·find_existing_watch_rules_d.matched·is·defined·and·find_existing_watch_rules_d.matched	814	······-·find_existing_watch_rules_d.matched·is·defined·and·find_existing_watch_rules_d.matched
815	········==·0	815	········==·0
816	······tags:	816	······tags:
817	······-·CJIS-5.4.1.1	817	······-·CJIS-5.4.1.1
818	······-·DISA-STIG-UBTU-20-010101	818	······-·DISA-STIG-UBTU-20-010101
819	······-·NIST-800-171-3.1.7	819	······-·NIST-800-171-3.1.7
820	······-·NIST-800-53-AC-2(4)	820	······-·NIST-800-53-AC-2(4)
Offset 832, 16 lines modified		Offset 832, 16 lines modified

832	····-·name:·Use·/etc/audit/rules.d/audit_rules_usergroup_modification.rules·as·the·recipient	832	····-·name:·Use·/etc/audit/rules.d/audit_rules_usergroup_modification.rules·as·the·recipient
833	········for·the·rule	833	········for·the·rule
834	······set_fact:	834	······set_fact:
835	········all_files:	835	········all_files:
836	········-·/etc/audit/rules.d/audit_rules_usergroup_modification.rules	836	········-·/etc/audit/rules.d/audit_rules_usergroup_modification.rules
837	······when:	837	······when:
838	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
839	······-·'"auditd"·in·ansible_facts.packages'	838	······-·'"auditd"·in·ansible_facts.packages'
		839	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
840	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·==·0·and·find_existing_watch_rules_d.matched	840	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·==·0·and·find_existing_watch_rules_d.matched
841	········is·defined·and·find_existing_watch_rules_d.matched·==·0	841	········is·defined·and·find_existing_watch_rules_d.matched·==·0
842	······tags:	842	······tags:
843	······-·CJIS-5.4.1.1	843	······-·CJIS-5.4.1.1
844	······-·DISA-STIG-UBTU-20-010101	844	······-·DISA-STIG-UBTU-20-010101
845	······-·NIST-800-171-3.1.7	845	······-·NIST-800-171-3.1.7
846	······-·NIST-800-53-AC-2(4)	846	······-·NIST-800-53-AC-2(4)
Offset 858, 16 lines modified		Offset 858, 16 lines modified
858	······-·restrict_strategy	858	······-·restrict_strategy

859	····-·name:·Use·matched·file·as·the·recipient·for·the·rule	859	····-·name:·Use·matched·file·as·the·recipient·for·the·rule
860	······set_fact:	860	······set_fact:
861	········all_files:	861	········all_files:
862	········-·'{{·find_watch_key.files·\|·map(attribute=''path'')·\|·list·\|·first·}}'	862	········-·'{{·find_watch_key.files·\|·map(attribute=''path'')·\|·list·\|·first·}}'
863	······when:	863	······when:
864	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
865	······-·'"auditd"·in·ansible_facts.packages'	864	······-·'"auditd"·in·ansible_facts.packages'
		865	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
866	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·>·0·and·find_existing_watch_rules_d.matched	866	······-·find_watch_key.matched·is·defined·and·find_watch_key.matched·>·0·and·find_existing_watch_rules_d.matched
867	········is·defined·and·find_existing_watch_rules_d.matched·==·0	867	········is·defined·and·find_existing_watch_rules_d.matched·==·0
868	······tags:	868	······tags:
869	······-·CJIS-5.4.1.1	869	······-·CJIS-5.4.1.1
870	······-·DISA-STIG-UBTU-20-010101	870	······-·DISA-STIG-UBTU-20-010101
871	······-·NIST-800-171-3.1.7	871	······-·NIST-800-171-3.1.7
872	······-·NIST-800-53-AC-2(4)	872	······-·NIST-800-53-AC-2(4)
Offset 886, 16 lines modified		Offset 886, 16 lines modified
886	····-·name:·Add·watch·rule·for·/etc/group·in·/etc/audit/rules.d/	886	····-·name:·Add·watch·rule·for·/etc/group·in·/etc/audit/rules.d/
887	······lineinfile:	887	······lineinfile:
888	········path:·'{{·all_files[0]·}}'	888	········path:·'{{·all_files[0]·}}'
889	········line:·-w·/etc/group·-p·wa·-k·audit_rules_usergroup_modification	889	········line:·-w·/etc/group·-p·wa·-k·audit_rules_usergroup_modification
890	········create:·true	890	········create:·true
891	········mode:·'0640'	891	········mode:·'0640'
892	······when:	892	······when:
893	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
894	······-·'"auditd"·in·ansible_facts.packages'	893	······-·'"auditd"·in·ansible_facts.packages'
		894	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
895	······-·find_existing_watch_rules_d.matched·is·defined·and·find_existing_watch_rules_d.matched	895	······-·find_existing_watch_rules_d.matched·is·defined·and·find_existing_watch_rules_d.matched
896	········==·0	896	········==·0
897	······tags:	897	······tags:
898	······-·CJIS-5.4.1.1	898	······-·CJIS-5.4.1.1
899	······-·DISA-STIG-UBTU-20-010101	899	······-·DISA-STIG-UBTU-20-010101
900	······-·NIST-800-171-3.1.7	900	······-·NIST-800-171-3.1.7
901	······-·NIST-800-53-AC-2(4)	901	······-·NIST-800-53-AC-2(4)
Offset 914, 16 lines modified		Offset 914, 16 lines modified
914	····-·name:·Check·if·watch·rule·for·/etc/group·already·exists·in·/etc/audit/audit.rules	914	····-·name:·Check·if·watch·rule·for·/etc/group·already·exists·in·/etc/audit/audit.rules
915	······find:	915	······find:
916	········paths:·/etc/audit/	916	········paths:·/etc/audit/
917	········contains:·^\s*-w\s+/etc/group\s+-p\s+wa(\s\|$)+	917	········contains:·^\s*-w\s+/etc/group\s+-p\s+wa(\s\|$)+
918	········patterns:·audit.rules	918	········patterns:·audit.rules
919	······register:·find_existing_watch_audit_rules	919	······register:·find_existing_watch_audit_rules
920	······when:	920	······when:
921	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
922	······-·'"auditd"·in·ansible_facts.packages'	921	······-·'"auditd"·in·ansible_facts.packages'
		922	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
923	······tags:	923	······tags:
924	······-·CJIS-5.4.1.1	924	······-·CJIS-5.4.1.1
925	······-·DISA-STIG-UBTU-20-010101	925	······-·DISA-STIG-UBTU-20-010101
926	······-·NIST-800-171-3.1.7	926	······-·NIST-800-171-3.1.7
927	······-·NIST-800-53-AC-2(4)	927	······-·NIST-800-53-AC-2(4)
928	······-·NIST-800-53-AC-6(9)	928	······-·NIST-800-53-AC-6(9)
929	······-·NIST-800-53-AU-12(c)	929	······-·NIST-800-53-AU-12(c)
Offset 941, 16 lines modified		Offset 941, 16 lines modified
941	······lineinfile:	941	······lineinfile:
942	········line:·-w·/etc/group·-p·wa·-k·audit_rules_usergroup_modification	942	········line:·-w·/etc/group·-p·wa·-k·audit_rules_usergroup_modification
943	········state:·present	943	········state:·present
944	········dest:·/etc/audit/audit.rules	944	········dest:·/etc/audit/audit.rules
945	········create:·true	945	········create:·true
946	········mode:·'0640'	946	········mode:·'0640'
947	······when:	947	······when:
948	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
949	······-·'"auditd"·in·ansible_facts.packages'	948	······-·'"auditd"·in·ansible_facts.packages'
		949	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
950	······-·find_existing_watch_audit_rules.matched·is·defined·and·find_existing_watch_audit_rules.matched	950	······-·find_existing_watch_audit_rules.matched·is·defined·and·find_existing_watch_audit_rules.matched
951	········==·0	951	········==·0
952	······tags:	952	······tags:
953	······-·CJIS-5.4.1.1	953	······-·CJIS-5.4.1.1
954	······-·DISA-STIG-UBTU-20-010101	954	······-·DISA-STIG-UBTU-20-010101
955	······-·NIST-800-171-3.1.7	955	······-·NIST-800-171-3.1.7
956	······-·NIST-800-53-AC-2(4)	956	······-·NIST-800-53-AC-2(4)
Offset 990, 16 lines modified		Offset 990, 16 lines modified
990	····-·name:·Check·if·watch·rule·for·/etc/gshadow·already·exists·in·/etc/audit/rules.d/	990	····-·name:·Check·if·watch·rule·for·/etc/gshadow·already·exists·in·/etc/audit/rules.d/
Max diff block lines reached; 123095/128504 bytes (95.79%) of diff not shown.


Offset 1062, 16 lines modified		Offset 1062, 16 lines modified
1062	······-·no_reboot_needed	1062	······-·no_reboot_needed

1063	····-·name:·Test·for·existence·/boot/grub/grub.cfg	1063	····-·name:·Test·for·existence·/boot/grub/grub.cfg
1064	······stat:	1064	······stat:
1065	········path:·/boot/grub/grub.cfg	1065	········path:·/boot/grub/grub.cfg
1066	······register:·file_exists	1066	······register:·file_exists
1067	······when:	1067	······when:
1068	······-·'"grub2-common"·in·ansible_facts.packages'
1069	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1068	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1069	······-·'"grub2-common"·in·ansible_facts.packages'
1070	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1070	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1071	······tags:	1071	······tags:
1072	······-·CJIS-5.5.2.2	1072	······-·CJIS-5.5.2.2
1073	······-·NIST-800-171-3.4.5	1073	······-·NIST-800-171-3.4.5
1074	······-·NIST-800-53-AC-6(1)	1074	······-·NIST-800-53-AC-6(1)
1075	······-·NIST-800-53-CM-6(a)	1075	······-·NIST-800-53-CM-6(a)
1076	······-·PCI-DSS-Req-7.1	1076	······-·PCI-DSS-Req-7.1
Offset 1083, 16 lines modified		Offset 1083, 16 lines modified
1083	······-·no_reboot_needed	1083	······-·no_reboot_needed

1084	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	1084	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
1085	······file:	1085	······file:
1086	········path:·/boot/grub/grub.cfg	1086	········path:·/boot/grub/grub.cfg
1087	········owner:·'0'	1087	········owner:·'0'
1088	······when:	1088	······when:
1089	······-·'"grub2-common"·in·ansible_facts.packages'
1090	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1089	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1090	······-·'"grub2-common"·in·ansible_facts.packages'
1091	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1091	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1092	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	1092	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
1093	······tags:	1093	······tags:
1094	······-·CJIS-5.5.2.2	1094	······-·CJIS-5.5.2.2
1095	······-·NIST-800-171-3.4.5	1095	······-·NIST-800-171-3.4.5
1096	······-·NIST-800-53-AC-6(1)	1096	······-·NIST-800-53-AC-6(1)
1097	······-·NIST-800-53-CM-6(a)	1097	······-·NIST-800-53-CM-6(a)
Offset 1120, 16 lines modified		Offset 1120, 16 lines modified
1120	······-·no_reboot_needed	1120	······-·no_reboot_needed

1121	····-·name:·Test·for·existence·/boot/grub/grub.cfg	1121	····-·name:·Test·for·existence·/boot/grub/grub.cfg
1122	······stat:	1122	······stat:
1123	········path:·/boot/grub/grub.cfg	1123	········path:·/boot/grub/grub.cfg
1124	······register:·file_exists	1124	······register:·file_exists
1125	······when:	1125	······when:
1126	······-·'"grub2-common"·in·ansible_facts.packages'
1127	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1126	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1127	······-·'"grub2-common"·in·ansible_facts.packages'
1128	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1128	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1129	······tags:	1129	······tags:
1130	······-·NIST-800-171-3.4.5	1130	······-·NIST-800-171-3.4.5
1131	······-·NIST-800-53-AC-6(1)	1131	······-·NIST-800-53-AC-6(1)
1132	······-·NIST-800-53-CM-6(a)	1132	······-·NIST-800-53-CM-6(a)
1133	······-·configure_strategy	1133	······-·configure_strategy
1134	······-·file_permissions_grub2_cfg	1134	······-·file_permissions_grub2_cfg
Offset 1139, 16 lines modified		Offset 1139, 16 lines modified
1139	······-·no_reboot_needed	1139	······-·no_reboot_needed

1140	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	1140	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
1141	······file:	1141	······file:
1142	········path:·/boot/grub/grub.cfg	1142	········path:·/boot/grub/grub.cfg
1143	········mode:·u-xs,g-xwrs,o-xwrt	1143	········mode:·u-xs,g-xwrs,o-xwrt
1144	······when:	1144	······when:
1145	······-·'"grub2-common"·in·ansible_facts.packages'
1146	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1145	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1146	······-·'"grub2-common"·in·ansible_facts.packages'
1147	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1147	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1148	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	1148	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
1149	······tags:	1149	······tags:
1150	······-·NIST-800-171-3.4.5	1150	······-·NIST-800-171-3.4.5
1151	······-·NIST-800-53-AC-6(1)	1151	······-·NIST-800-53-AC-6(1)
1152	······-·NIST-800-53-CM-6(a)	1152	······-·NIST-800-53-CM-6(a)
1153	······-·configure_strategy	1153	······-·configure_strategy


Offset 1031, 16 lines modified		Offset 1031, 16 lines modified
1031	······-·no_reboot_needed	1031	······-·no_reboot_needed

1032	····-·name:·Test·for·existence·/boot/grub/grub.cfg	1032	····-·name:·Test·for·existence·/boot/grub/grub.cfg
1033	······stat:	1033	······stat:
1034	········path:·/boot/grub/grub.cfg	1034	········path:·/boot/grub/grub.cfg
1035	······register:·file_exists	1035	······register:·file_exists
1036	······when:	1036	······when:
1037	······-·'"grub2-common"·in·ansible_facts.packages'
1038	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1037	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1038	······-·'"grub2-common"·in·ansible_facts.packages'
1039	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1039	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1040	······tags:	1040	······tags:
1041	······-·CJIS-5.5.2.2	1041	······-·CJIS-5.5.2.2
1042	······-·NIST-800-171-3.4.5	1042	······-·NIST-800-171-3.4.5
1043	······-·NIST-800-53-AC-6(1)	1043	······-·NIST-800-53-AC-6(1)
1044	······-·NIST-800-53-CM-6(a)	1044	······-·NIST-800-53-CM-6(a)
1045	······-·PCI-DSS-Req-7.1	1045	······-·PCI-DSS-Req-7.1
Offset 1052, 16 lines modified		Offset 1052, 16 lines modified
1052	······-·no_reboot_needed	1052	······-·no_reboot_needed

1053	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	1053	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
1054	······file:	1054	······file:
1055	········path:·/boot/grub/grub.cfg	1055	········path:·/boot/grub/grub.cfg
1056	········owner:·'0'	1056	········owner:·'0'
1057	······when:	1057	······when:
1058	······-·'"grub2-common"·in·ansible_facts.packages'
1059	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1058	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1059	······-·'"grub2-common"·in·ansible_facts.packages'
1060	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1060	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1061	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	1061	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
1062	······tags:	1062	······tags:
1063	······-·CJIS-5.5.2.2	1063	······-·CJIS-5.5.2.2
1064	······-·NIST-800-171-3.4.5	1064	······-·NIST-800-171-3.4.5
1065	······-·NIST-800-53-AC-6(1)	1065	······-·NIST-800-53-AC-6(1)
1066	······-·NIST-800-53-CM-6(a)	1066	······-·NIST-800-53-CM-6(a)
Offset 1089, 16 lines modified		Offset 1089, 16 lines modified
1089	······-·no_reboot_needed	1089	······-·no_reboot_needed

1090	····-·name:·Test·for·existence·/boot/grub/grub.cfg	1090	····-·name:·Test·for·existence·/boot/grub/grub.cfg
1091	······stat:	1091	······stat:
1092	········path:·/boot/grub/grub.cfg	1092	········path:·/boot/grub/grub.cfg
1093	······register:·file_exists	1093	······register:·file_exists
1094	······when:	1094	······when:
1095	······-·'"grub2-common"·in·ansible_facts.packages'
1096	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1095	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1096	······-·'"grub2-common"·in·ansible_facts.packages'
1097	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1097	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1098	······tags:	1098	······tags:
1099	······-·NIST-800-171-3.4.5	1099	······-·NIST-800-171-3.4.5
1100	······-·NIST-800-53-AC-6(1)	1100	······-·NIST-800-53-AC-6(1)
1101	······-·NIST-800-53-CM-6(a)	1101	······-·NIST-800-53-CM-6(a)
1102	······-·configure_strategy	1102	······-·configure_strategy
1103	······-·file_permissions_grub2_cfg	1103	······-·file_permissions_grub2_cfg
Offset 1108, 16 lines modified		Offset 1108, 16 lines modified
1108	······-·no_reboot_needed	1108	······-·no_reboot_needed

1109	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	1109	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
1110	······file:	1110	······file:
1111	········path:·/boot/grub/grub.cfg	1111	········path:·/boot/grub/grub.cfg
1112	········mode:·u-xs,g-xwrs,o-xwrt	1112	········mode:·u-xs,g-xwrs,o-xwrt
1113	······when:	1113	······when:
1114	······-·'"grub2-common"·in·ansible_facts.packages'
1115	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	1114	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		1115	······-·'"grub2-common"·in·ansible_facts.packages'
1116	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	1116	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
1117	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	1117	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
1118	······tags:	1118	······tags:
1119	······-·NIST-800-171-3.4.5	1119	······-·NIST-800-171-3.4.5
1120	······-·NIST-800-53-AC-6(1)	1120	······-·NIST-800-53-AC-6(1)
1121	······-·NIST-800-53-CM-6(a)	1121	······-·NIST-800-53-CM-6(a)
1122	······-·configure_strategy	1122	······-·configure_strategy


Offset 16207, 16 lines modified		Offset 16207, 16 lines modified
16207	······-·no_reboot_needed	16207	······-·no_reboot_needed

16208	····-·name:·Test·for·existence·/boot/grub/grub.cfg	16208	····-·name:·Test·for·existence·/boot/grub/grub.cfg
16209	······stat:	16209	······stat:
16210	········path:·/boot/grub/grub.cfg	16210	········path:·/boot/grub/grub.cfg
16211	······register:·file_exists	16211	······register:·file_exists
16212	······when:	16212	······when:
16213	······-·'"grub2-common"·in·ansible_facts.packages'
16214	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	16213	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		16214	······-·'"grub2-common"·in·ansible_facts.packages'
16215	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	16215	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
16216	······tags:	16216	······tags:
16217	······-·CJIS-5.5.2.2	16217	······-·CJIS-5.5.2.2
16218	······-·NIST-800-171-3.4.5	16218	······-·NIST-800-171-3.4.5
16219	······-·NIST-800-53-AC-6(1)	16219	······-·NIST-800-53-AC-6(1)
16220	······-·NIST-800-53-CM-6(a)	16220	······-·NIST-800-53-CM-6(a)
16221	······-·PCI-DSS-Req-7.1	16221	······-·PCI-DSS-Req-7.1
Offset 16228, 16 lines modified		Offset 16228, 16 lines modified
16228	······-·no_reboot_needed	16228	······-·no_reboot_needed

16229	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg	16229	····-·name:·Ensure·owner·0·on·/boot/grub/grub.cfg
16230	······file:	16230	······file:
16231	········path:·/boot/grub/grub.cfg	16231	········path:·/boot/grub/grub.cfg
16232	········owner:·'0'	16232	········owner:·'0'
16233	······when:	16233	······when:
16234	······-·'"grub2-common"·in·ansible_facts.packages'
16235	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	16234	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		16235	······-·'"grub2-common"·in·ansible_facts.packages'
16236	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	16236	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
16237	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	16237	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
16238	······tags:	16238	······tags:
16239	······-·CJIS-5.5.2.2	16239	······-·CJIS-5.5.2.2
16240	······-·NIST-800-171-3.4.5	16240	······-·NIST-800-171-3.4.5
16241	······-·NIST-800-53-AC-6(1)	16241	······-·NIST-800-53-AC-6(1)
16242	······-·NIST-800-53-CM-6(a)	16242	······-·NIST-800-53-CM-6(a)
Offset 16265, 16 lines modified		Offset 16265, 16 lines modified
16265	······-·no_reboot_needed	16265	······-·no_reboot_needed

16266	····-·name:·Test·for·existence·/boot/grub/grub.cfg	16266	····-·name:·Test·for·existence·/boot/grub/grub.cfg
16267	······stat:	16267	······stat:
16268	········path:·/boot/grub/grub.cfg	16268	········path:·/boot/grub/grub.cfg
16269	······register:·file_exists	16269	······register:·file_exists
16270	······when:	16270	······when:
16271	······-·'"grub2-common"·in·ansible_facts.packages'
16272	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	16271	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		16272	······-·'"grub2-common"·in·ansible_facts.packages'
16273	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	16273	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
16274	······tags:	16274	······tags:
16275	······-·NIST-800-171-3.4.5	16275	······-·NIST-800-171-3.4.5
16276	······-·NIST-800-53-AC-6(1)	16276	······-·NIST-800-53-AC-6(1)
16277	······-·NIST-800-53-CM-6(a)	16277	······-·NIST-800-53-CM-6(a)
16278	······-·configure_strategy	16278	······-·configure_strategy
16279	······-·file_permissions_grub2_cfg	16279	······-·file_permissions_grub2_cfg
Offset 16284, 16 lines modified		Offset 16284, 16 lines modified
16284	······-·no_reboot_needed	16284	······-·no_reboot_needed

16285	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg	16285	····-·name:·Ensure·permission·u-xs,g-xwrs,o-xwrt·on·/boot/grub/grub.cfg
16286	······file:	16286	······file:
16287	········path:·/boot/grub/grub.cfg	16287	········path:·/boot/grub/grub.cfg
16288	········mode:·u-xs,g-xwrs,o-xwrt	16288	········mode:·u-xs,g-xwrs,o-xwrt
16289	······when:	16289	······when:
16290	······-·'"grub2-common"·in·ansible_facts.packages'
16291	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'	16290	······-·'"/boot/efi"·not·in·ansible_mounts·\|·map(attribute="mount")·\|·list'
		16291	······-·'"grub2-common"·in·ansible_facts.packages'
16292	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]	16292	······-·ansible_virtualization_type·not·in·["docker",·"lxc",·"openvz",·"podman",·"container"]
16293	······-·file_exists.stat·is·defined·and·file_exists.stat.exists	16293	······-·file_exists.stat·is·defined·and·file_exists.stat.exists
16294	······tags:	16294	······tags:
16295	······-·NIST-800-171-3.4.5	16295	······-·NIST-800-171-3.4.5
16296	······-·NIST-800-53-AC-6(1)	16296	······-·NIST-800-53-AC-6(1)
16297	······-·NIST-800-53-CM-6(a)	16297	······-·NIST-800-53-CM-6(a)
16298	······-·configure_strategy	16298	······-·configure_strategy