Fix #11902

ComplianceAsCode · Apr 26, 2024 · 5d7f6db · 5d7f6db
1 parent 7b83304
commit 5d7f6db
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/products/ubuntu2204/profiles/cis_level2_server.profile b/products/ubuntu2204/profiles/cis_level2_server.profile
@@ -9,6 +9,9 @@ description: |-
 extends: cis_level1_server
 
 selections:
+    ### Variables
+    - var_accounts_passwords_pam_faillock_dir=run
+
     #### 1.1.1.2 Ensure mounting of squashfs filesystems is disabled (Automated)
     - kernel_module_squashfs_disabled
 
@@ -155,9 +158,8 @@ selections:
     - audit_rules_session_events
 
     #### 4.1.3.12 Ensure login and logout events are collected (Automated)
-    - audit_rules_login_events_faillog
+    - audit_rules_login_events_faillock
     - audit_rules_login_events_lastlog
-    - audit_rules_login_events_tallylog
 
     #### 4.1.3.13 Ensure file deletion events by users are collected (Automated)
     - audit_rules_file_deletion_events_rename

diff --git a/products/ubuntu2204/profiles/cis_level2_workstation.profile b/products/ubuntu2204/profiles/cis_level2_workstation.profile
@@ -9,6 +9,9 @@ description: |-
 extends: cis_level1_workstation
 
 selections:
+    ### Variables
+    - var_accounts_passwords_pam_faillock_dir=run
+
     #### 1.1.1.2 Ensure mounting of squashfs filesystems is disabled (Automated)
     - kernel_module_squashfs_disabled
 
@@ -167,9 +170,8 @@ selections:
     - audit_rules_session_events
 
     #### 4.1.3.12 Ensure login and logout events are collected (Automated)
-    - audit_rules_login_events_faillog
+    - audit_rules_login_events_faillock
     - audit_rules_login_events_lastlog
-    - audit_rules_login_events_tallylog
 
     #### 4.1.3.13 Ensure file deletion events by users are collected (Automated)
     - audit_rules_file_deletion_events_rename