redhatgov / ssg-el6-kickstart Goto Github PK
View Code? Open in Web Editor NEWDVD embedded Kickstart for RHEL 6 utilizing SCAP Security Guide (SSG) as a hardening script.
License: Other
ssg-el6-kickstart's Issues
Typo in /etc/pam.d/gnome-screensaver
Hello,
I have been using the ssg-el6-kickstart for a hardened baseline build for a few years now with great results. I noticed one small issue with the latest release that is easily fixed:
When operating in runlevel 5 I was unable to log back in to the machine once it reached the lock screen. After unsuccessfully trying a few fixes I noticed a sequence in /var/log/secure that pointed the culprit out.
Aug 15 16:35:32 XXX gnome-screensaver-dialog: PAM (gnome-screensaver) illegal module type: %PAM-1.0
Aug 15 16:35:32 XXX gnome-screensaver-dialog: PAM (gnome-screensaver) no control flag supplied
Aug 15 16:35:32 XXX gnome-screensaver-dialog: PAM (gnome-screensaver) no module name supplied
The first line of /etc/pam.d/gnome-screensaver should be "#%PAM-1.0" instead of "%PAM-1.0". Looks to have the typo in ipa-pam-configuration.sh also.
Otherwise everything else is excellent. I hope this helps.
FIPS-140 hashing algorithms using aide
Remote Desktop not working at all, Am I missing something in the config scripts?
For the life of me, I cannot seem to figure out how to make Remote Desktop / XRDP work. I have tried everything I can find, performed multiple re-installs, along with different workstation types. But nothing seems to change the fact that I cannot connect to the hardened workstation via remote desktop.
Note I have managed to get the hardening script to work with CentOS 6.8 without issue or error during the installation.
I've tested my procedure of setting up Remote Desktop / XRDP on an unhardened instance and it works without issue but to no avail it will not work with the hardened image.
Am I missing something within the hardening configuration scripts that is preventing the ability for me to remote desktop into the machine?
Any insight or assistance someone could lend would be greatly appreciated!
Licence Change (GPLv2 -> APL2.0)
I would like to change the Licence of this project from GNU Public Licence version 2 (GPLv2) to Apache Public Licence 2.0 (APL2.0) to allow people to utilize this software without having to submit changes back to the project. I believe that this will allow for better use in the DOD/IC without the requirements to give back everything - however, it would still remain open source as a reference model.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.