You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Active Directory integration could use AD-SUPPORT module for crypto-policies [1].
Common Criteria require the OSPP module for crypto-policies.
Expected Behavior
I'd expect a split on : of the rhel8cis_crypto_policy with a check on the first part.
Now I have to extend rhel8cis_allowed_crypto_policies.
Actual Behavior
rhel8cis_crypto_policy: DEFAULT:AD-SUPPORT fails the asserion Check crypto-policy input
Control(s) Affected
Not reported correctly, run breaks.
Environment (please complete the following information):
Ansible Version: [e.g. 2.10]
Host Python Version: [e.g. Python 3.7.6]
Ansible Server Python Version: [e.g. Python 3.7.6]
Describe the Issue
Expected Behavior
I'd expect a
split
on:
of the rhel8cis_crypto_policy with a check on the first part.Now I have to extend
rhel8cis_allowed_crypto_policies
.Actual Behavior
rhel8cis_crypto_policy: DEFAULT:AD-SUPPORT
fails the asserionCheck crypto-policy input
Control(s) Affected
Not reported correctly, run breaks.
Environment (please complete the following information):
Additional Notes
Possible Solution
Check the policy and possible module.
Add allowed modules as a dict and implement a check on it.
[1] Enabling AD-SUPPORT might create a workaround, while the AD should be updated instead:
https://www.redhat.com/en/blog/red-hat-enterprise-linux-and-microsoft-security-update-november-2022
The text was updated successfully, but these errors were encountered: