sysctl_net fixes remove 99-sysctl.conf symlink after second round of remediation
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
Ubuntu Security Guide | Fix Committed | Undecided | Miha Purg |
Bug Description
Ubuntu Version: 22.04 (jammy) Desktop
CIS Profile: cis_level2_
The below steps outline the unintended behavior which should serve as a description of the bug, as well as a reproducer:
1. Apply the cis_level2_
2. Reboot
3. Audit
Result: Audit passes on all sysctl_net rules
ls -l /etc/sysctl.d/
lrwxrwxrwx 1 root root 14 Mar 21 21:57 99-sysctl.conf -> ../sysctl.conf
The symlink above is still intact and the variables set by the profile fix are active in 99-sysctl.conf.
1. Apply the cis_level2_
2. Reboot
3. Audit
Result: A few sysctl_net rules pass, and the following rules fail:
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
xccdf_org.
ls -l /etc/sysctl.d/
-rw-r--r-- 1 root root 3339 Mar 4 16:37 99-sysctl.conf
The symlink above does not exist anymore, and the variables previously set and active in 99-sysctl.conf are all commented out, and have been moved to /etc/sysctl.conf.
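Added example, not part of the bug report or of usg itself: a small POSIX shell check that reproduces the two states described above against a constructed fixture directory, so the condition can be detected without rerunning the whole profile. It assumes the Debian/Ubuntu layout in which systemd-sysctl reads /etc/sysctl.d/*.conf but not /etc/sysctl.conf directly, which is why procps ships the 99-sysctl.conf -> ../sysctl.conf symlink in the first place; the function names and the two sysctl keys used in the fixture are placeholders chosen for illustration, not the truncated rule identifiers from the report.

```shell
#!/bin/sh
# Added example (not from the bug report or usg). Checks whether the
# 99-sysctl.conf symlink is intact and whether a set of keys is still set in a
# file that systemd-sysctl will read at boot. Takes a root directory so it can
# run against a fixture as well as against the real /etc.

# Print "symlink:<target>", "regular" or "missing" for DIR/sysctl.d/99-sysctl.conf.
sysctl_link_state() {
    f="$1/sysctl.d/99-sysctl.conf"
    if [ -L "$f" ]; then
        printf 'symlink:%s\n' "$(readlink "$f")"
    elif [ -f "$f" ]; then
        echo regular
    else
        echo missing
    fi
}

# Keys that a sysctl conf file actually sets (uncommented "key = value").
active_keys() {
    sed -n 's|^[[:space:]]*\([A-Za-z0-9_./-]*\)[[:space:]]*=.*|\1|p' "$1"
}

# Keys that appear only commented out ("# key = value") in a sysctl conf file.
commented_keys() {
    sed -n 's|^[[:space:]]*#[[:space:]]*\([A-Za-z0-9_./-]*\)[[:space:]]*=.*|\1|p' "$1"
}

# Return 0 if every key given after DIR is set (uncommented) in some file under
# DIR/sysctl.d, i.e. will be applied by systemd-sysctl at boot; otherwise print
# the missing keys and return 1. Settings that live only in DIR/sysctl.conf do
# not count, because without the symlink that file is never read at boot.
keys_applied_at_boot() {
    dir="$1"; shift
    rc=0
    for k in "$@"; do
        esc=$(printf '%s' "$k" | sed 's/[.]/\\./g')   # literal dots in the key
        if ! cat "$dir"/sysctl.d/*.conf 2>/dev/null | grep -q -- "^[[:space:]]*$esc[[:space:]]*="; then
            echo "not applied at boot: $k"
            rc=1
        fi
    done
    return $rc
}

# Constructed fixture mirroring the two states from the report (placeholder
# keys, not the truncated rule IDs on the page): "before" has the symlink and
# active values; "after" has a regular 99-sysctl.conf with the values commented
# out and the live values moved to sysctl.conf.
make_fixture() {
    mkdir -p "$1/sysctl.d"
    printf 'net.ipv4.ip_forward = 0\nnet.ipv4.conf.all.send_redirects = 0\n' > "$1/sysctl.conf"
    if [ "$2" = before ]; then
        ln -s ../sysctl.conf "$1/sysctl.d/99-sysctl.conf"
    else
        printf '#net.ipv4.ip_forward = 0\n#net.ipv4.conf.all.send_redirects = 0\n' \
            > "$1/sysctl.d/99-sysctl.conf"
    fi
}

# Usage against a real system: sh check.sh /etc net.ipv4.ip_forward ...
if [ $# -ge 1 ]; then
    root="$1"; shift
    sysctl_link_state "$root"
    keys_applied_at_boot "$root" "$@"
fi
```

Run with no arguments it only defines the functions; given a root directory and a list of keys it prints the symlink state and any key that is no longer set in a file under sysctl.d. The "after" fixture reproduces the failure mode in the report: the link state is "regular", the keys are present only as comments there, and keys_applied_at_boot reports them as not applied at boot even though they are still present in sysctl.conf.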
Changed in usg:
assignee: nobody → Miha Purg (mihap)
status: New → Confirmed
Changed in usg:
status: Confirmed → In Progress
Changed in usg:
status: In Progress → Fix Committed
Hi Victor, nice catch, and thanks for filing the bug report!
I've committed the fix and will include it in the next release of usg for jammy (22.04.7).