Merge pull request #14356 from vojtapolasek/rhel9_stig_drop_rules_02_26

Mab879 · web-flow · commit a12ddd28755d · 2026-02-09T15:02:15.000-06:00
drop controls no longer present in the latest RHEL 9 STIG
diff --git a/products/rhel9/controls/stig_rhel9.yml b/products/rhel9/controls/stig_rhel9.yml
@@ -2418,14 +2418,6 @@ controls:
           - group_unique_id
       status: automated
 
-    - id: RHEL-09-411115
-      levels:
-          - medium
-      title: Local RHEL 9 initialization files must not execute world-writable programs.
-      rules:
-          - accounts_user_dot_no_world_writable_programs
-      status: automated
-
     - id: RHEL-09-412035
       levels:
           - medium
@@ -2497,14 +2489,6 @@ controls:
           - accounts_umask_etc_profile
       status: automated
 
-    - id: RHEL-09-412075
-      levels:
-          - low
-      title: RHEL 9 must display the date and time of the last successful account logon upon logon.
-      rules:
-          - display_login_attempts
-      status: automated
-
     - id: RHEL-09-412080
       levels:
           - medium
diff --git a/products/rhel9/profiles/default.profile b/products/rhel9/profiles/default.profile
@@ -590,3 +590,4 @@ selections:
     - audit_rules_var_spool_cron
     - audit_rules_login_events_tallylog
     - configure_ssh_crypto_policy
+    - accounts_user_dot_no_world_writable_programs
diff --git a/tests/data/profile_stability/rhel9/stig.profile b/tests/data/profile_stability/rhel9/stig.profile
@@ -42,7 +42,6 @@ accounts_umask_etc_csh_cshrc
 accounts_umask_etc_login_defs
 accounts_umask_etc_profile
 accounts_umask_interactive_users
-accounts_user_dot_no_world_writable_programs
 accounts_user_home_paths_only
 accounts_user_interactive_home_directory_defined
 accounts_user_interactive_home_directory_exists
@@ -185,7 +184,6 @@ disable_ctrlaltdel_reboot
 disable_host_auth
 disable_users_coredumps
 disallow_bypass_password_sudo
-display_login_attempts
 enable_authselect
 enable_dracut_fips_module
 enable_fips_mode
diff --git a/tests/data/profile_stability/rhel9/stig_gui.profile b/tests/data/profile_stability/rhel9/stig_gui.profile
@@ -42,7 +42,6 @@ accounts_umask_etc_csh_cshrc
 accounts_umask_etc_login_defs
 accounts_umask_etc_profile
 accounts_umask_interactive_users
-accounts_user_dot_no_world_writable_programs
 accounts_user_home_paths_only
 accounts_user_interactive_home_directory_defined
 accounts_user_interactive_home_directory_exists
@@ -185,7 +184,6 @@ disable_ctrlaltdel_reboot
 disable_host_auth
 disable_users_coredumps
 disallow_bypass_password_sudo
-display_login_attempts
 enable_authselect
 enable_dracut_fips_module
 enable_fips_mode
