From 0ce201318d3a98dab11b77828ce3ede69f6e2dc3 Mon Sep 17 00:00:00 2001
From: MITRE SAF <saf@groups.mitre.org>
Date: Thu, 19 Dec 2024 00:05:25 +0000
Subject: [PATCH] Automated ingestion of profiles

Signed-off-by: MITRE SAF <saf@groups.mitre.org>
---
 .../redhat-enterprise-linux-8-stig-baseline.json              | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/assets/data/baselineProfiles/redhat-enterprise-linux-8-stig-baseline.json b/src/assets/data/baselineProfiles/redhat-enterprise-linux-8-stig-baseline.json
index b6007c21..17a8ce6d 100644
--- a/src/assets/data/baselineProfiles/redhat-enterprise-linux-8-stig-baseline.json
+++ b/src/assets/data/baselineProfiles/redhat-enterprise-linux-8-stig-baseline.json
@@ -12561,7 +12561,7 @@
         ],
         "host": null
       },
-      "code": "control 'SV-230247' do\n  title 'The RHEL 8 /var/log/messages file must be group-owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the \"/var/log/messages\" file is group-owned by root with the\nfollowing command:\n\n    $ sudo stat -c \"%G\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the group of the file \"/var/log/messages\" to \"root\" by running\nthe following command:\n\n    $ sudo chgrp root /var/log/messages'\n  impact 0.5\n  ref 'DPMS Target Red Hat Enterprise Linux 8'\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230247'\n  tag rid: 'SV-230247r627750_rule'\n  tag stig_id: 'RHEL-08-010230'\n  tag fix_id: 'F-32891r567488_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host'\n\n  only_if('This control is Not Applicable to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe.one do\n    describe file('/var/log/messages') do\n      its('group') { should be_in input('var_log_messages_group') }\n    end\n    describe file('/var/log/messages') do\n      it { should_not exist }\n    end\n  end\nend\n",
+      "code": "control 'SV-230247' do\n  title 'The RHEL 8 /var/log/messages file must be group-owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the \"/var/log/messages\" file is group-owned by root with the\nfollowing command:\n\n    $ sudo stat -c \"%G\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the group of the file \"/var/log/messages\" to \"root\" by running\nthe following command:\n\n    $ sudo chgrp root /var/log/messages'\n  impact 0.5\n  ref 'DPMS Target Red Hat Enterprise Linux 8'\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230247'\n  tag rid: 'SV-230247r627750_rule'\n  tag stig_id: 'RHEL-08-010230'\n  tag fix_id: 'F-32891r567488_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host'\n\n  only_if('This control is Not Applicable to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  var_log_messages_group = input('var_log_messages_group')\n\n  describe.one do\n    describe file('/var/log/messages') do\n      its('group') { should be_in var_log_messages_group }\n    end\n    describe file('/var/log/messages') do\n      it { should_not exist }\n    end\n  end\nend\n",
       "source_location": {
         "ref": "./Red Hat 8 STIG/controls/SV-230247.rb",
         "line": 1
@@ -17263,7 +17263,7 @@
       "id": "controls/SV-230259.rb"
     }
   ],
-  "sha256": "eaf08a3d96a7aa5443b59ee460282f9786d4e0d7c29c497bb7f767b20c6aef05",
+  "sha256": "85b4c5d4cd8ccdb0840c6af829c79db05dac9a8b290f3762ff2abfa2c37f1f37",
   "status_message": "",
   "status": "loaded",
   "generator": {