Commit Graph

725 Commits

Author SHA1 Message Date
Ahmed Messaoud f3ae29eca5
Onboarding all targeted distros to build/test/publish in AMD64 flavor (#637)
* Onboarded all distros

* Cleaned target list (no arm)
2024-03-04 11:47:04 -08:00
Ahmed Messaoud 8bf3ce158e
downgrade gtest on rhel9 (#636) 2024-03-04 11:05:37 -08:00
Ahmed Messaoud 4dc2087c25
Backport gtest on older distros (#635) 2024-03-01 18:02:32 -08:00
Ahmed Messaoud 9cd8e6fea9
added libcurl to rhel-9 (#634) 2024-03-02 01:42:31 +00:00
Ahmed Messaoud 2322cba473
Adding new distro support containers (#633) 2024-03-02 00:21:13 +00:00
Marius Niculescu 428f884e73
Merging the SSH Security Posture with earlier draft of the Security Baseline for functional demo side by side (#632) 2024-03-01 14:37:28 -08:00
Ahmed Messaoud 466498f87c
downgraded download/upload-artifact to v3 (#631) 2024-02-28 23:58:32 +00:00
Marius Niculescu 7cbcce3661
Making the SecurityBaseline test recipe to remediate and audit real SSH server configuration values (#630) 2024-02-28 12:52:27 -08:00
Marius Niculescu efadf22bae
Combining SSH and Security Baseline policy MOF manifests (draft) and temporarily reducing the test recipe for the later module (#628) 2024-02-28 10:48:42 -08:00
Robert Schaedler III b2d6819690
Downgrade upload-artifact from v4 to v3 (#629) 2024-02-28 17:35:45 +00:00
Marius Niculescu 45dbbc5f5d
Moving RepairBrokenEolCharactersIfAny from SSH utils to common utils (#627) 2024-02-23 11:34:49 -08:00
Ahmed Messaoud 5efdb2de38
Workflow refactoring (#626) 2024-02-23 09:53:55 -08:00
Marius Niculescu e630de4bbf
Addressing problem when the SSH banner text is edited in Portal EOL characters are changed to '\\' and 'n' removing the end of lines (#623) 2024-02-22 15:58:45 -08:00
Marius Niculescu dca7c8379e
Empty string values in sshd_config can block sshd from starting (#622) 2024-02-22 10:03:02 -08:00
Marius Niculescu 8e343c7444
Updating the SSH policy definition (#621) 2024-02-21 19:20:41 -08:00
Marius Niculescu b4f7a78933
Updating the SSH policy definition and MOF to expand customizable parameters for all 20 checks (#620) 2024-02-20 14:28:02 -08:00
saicharithc fbdc3c965c
Adding a bash script to reinstall the openssh server and update osconfig (#619) 2024-02-15 15:43:42 -08:00
Marius Niculescu fc5ea56517
Updating the display name for the preview SSH policy definition (#618) 2024-02-15 13:38:38 -08:00
Marius Niculescu 0a3c1d4207
Publishing the SSH policy definition for the 2402 preview (#617) 2024-02-15 12:16:19 -08:00
Ahmed Messaoud e676aa7786
Fix RPM package versioning (#616) 2024-02-15 10:38:54 -08:00
Ahmed Messaoud 9179c9d33c
fixed conditional issue (#615) 2024-02-14 11:44:36 -08:00
Marius Niculescu 830b55e36c
Adding use of backup for original SSH server configuration and more stabilization for the SSH server security policy (#614) 2024-02-13 13:41:49 -08:00
Marius Niculescu 082f38293f
Improving parsing for OpenSSH server responses and not overwriting UsePAM (#613) 2024-02-12 14:09:06 -08:00
Marius Niculescu 2c821087ae
Completing making the Universal NRP build on Ubuntu 14 from the main branch (#612) 2024-02-12 11:17:41 -08:00
Ahmed Messaoud 2b3fb0126c
Added RPM support (#609)
* Added RPM support
2024-02-09 15:13:19 -08:00
Marius Niculescu e39e96f345
Fixing SSH fallback initialization (#611) 2024-02-09 09:23:44 -08:00
Marius Niculescu 4e319f7e67
Stabilizing checking SSH protocol depending on server's OpenSSH version (#610) 2024-02-08 15:22:20 -08:00
Robert Schaedler III 8932e7e918
Add explicit token permissions for publishing reports (#607) 2024-02-07 17:39:43 -08:00
Marius Niculescu 16237f2562
Refactoring saving remediation for SSH policy depending on the OpenSSH version implemented by the SSH server (#608) 2024-02-07 17:36:13 -08:00
Marius Niculescu e3e2ae430e
Adding a 20th check (SSH port) to the SSH Server Security Policy (#606) 2024-02-06 11:15:48 -08:00
Ahmed Messaoud 3998f7f249
Added mariner amd64 container (#605) 2024-02-05 10:42:49 -08:00
Robert Schaedler III 0896e3e2d0
Remove unused build-container workflow steps (#604) 2024-02-05 09:12:11 -08:00
Marius Niculescu 6caccd7af3
Exposing a new initialization MIM object name in the Universal NRP Resource Class (#603) 2024-02-02 18:06:31 -08:00
Marius Niculescu aede8cfa46
Fixing SecurityBaseline overwrite of EnsurePermissionsOnEtcSshSshdConfig with EnsureSshHostbasedAuthenticationIsDisabled (#602) 2024-02-01 11:34:42 -08:00
Robert Schaedler III b3a514e3fd
Temporarily removing Ubuntu 22.04 from the E2E tests due to AIS unavailability (#601) 2024-01-30 10:33:01 -08:00
Marius Niculescu 6833270e94
Updating the artifacts package name and the ConfigurationName in the policy MOF for the SSH server policy (#600) 2024-01-29 17:09:05 -08:00
Marius Niculescu ebcd131882
Protecting against potential integer overflow for payload size received from IoT Hub (#599) 2024-01-26 13:43:02 -08:00
Ahmed Messaoud e52c447bae
Fixed ubuntu 22.04 amd64 image (#598) 2024-01-25 21:19:44 -08:00
Marius Niculescu 8e77f37c5e
Adding the current SSH policy definition with the SAS token and file hash removed and updating the Universal NRP documentation to reference it (#596) 2024-01-24 18:50:03 -08:00
Marius Niculescu d94f2cb5fb
Fixing collision between SSH fallback and OSConfig initialization routes (#597) 2024-01-24 18:49:50 -08:00
Marius Niculescu bc4577572a
Bug fix and documentation update (#594) 2024-01-24 17:09:52 -08:00
Marius Niculescu b4916f9e1f
Making the SecurityBaseline module to accept initialization for the SSH policy audit checks (#593) 2024-01-24 15:15:41 -08:00
Marius Niculescu 075b01413c
Making the audit for users and groups allowed and denied for SSH to accept multiple entries from sshd (#592) 2024-01-23 18:13:48 -08:00
Marius Niculescu 5654405f8b
Adding initialization for SSH policy parameter values in fallback case (#591) 2024-01-23 13:28:41 -08:00
Ahmed Messaoud bef8aef76b
Added Ubuntu 22.04 Jammy amd64/arm64 to packaging workflows (#590)
* Added Ubuntu 22.04 Jammy (amd64/arm64) to packaging workflows. Will now get published in insiders-fast and prod channels on packages.microsoft.com
2024-01-19 10:50:39 -08:00
Marius Niculescu 3a758ee634
Stabilizing the SSH Policy implementation (#588) 2024-01-12 14:26:49 -08:00
Marius Niculescu 898e9708a0
Refactoring the remediation for the SSH policy checks (#587) 2024-01-11 10:37:17 -08:00
dependabot[bot] f1ffe28069
Bump tj-actions/changed-files in /.github/workflows (#586)
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 35.7.0 to 41.0.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v35.7.0...v41.0.0)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 09:09:25 -08:00
Marius Niculescu f5846977a7
Improving use of the getgrouplist function to avoid Security Baseline audit failures on systems with abnormal number of groups per user (#585) 2023-12-15 14:24:57 -08:00
Marius Niculescu 508b7b53a7
Consolidating access for the SSH server banner file for audit and automatic remediation (#584) 2023-12-14 11:19:48 -08:00