Merge pull request #14032 from teacup-on-rockingchair/sle16_fix_rsyslog_remote_loghost

teacup-on-rockingchair · web-flow · commit 8a4b85ffccc3 · 2025-11-10T17:28:53.000+02:00
Sle16 fix rsyslog remote loghost
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/sle.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/sle.yml
@@ -28,7 +28,7 @@
     regexp: "^\\*\\.\\*\\s+.*$"
     state: absent
   loop: "{{  rsyslog_dropin_config_files.files }}"
-  
+
 - name: "Set rsyslog remote loghost"
   ansible.builtin.lineinfile:
     dest: /etc/rsyslog.d/remote.conf
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/sle.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/sle.sh
diff --git a/products/sle16/controls/base_sle16.yml b/products/sle16/controls/base_sle16.yml
@@ -9,5 +9,6 @@ reference_type: suse-base-sle16
 levels:
     - id: pcidss4
     - id: anssi_minimal
+    - id: hipaa
 
 product: sle16
diff --git a/products/sle16/controls/base_sle16/0500_audit.yml b/products/sle16/controls/base_sle16/0500_audit.yml
@@ -0,0 +1,28 @@
+#
+# A group of rules regarding audit operating system functionality
+#
+# SLES-16 ids allocated for this group from SLES-16-16016500 till SLES-16-16016699
+#
+
+controls:
+    - id: SLES-16-16016500
+      levels:
+          - hipaa
+      title: Enable the selinuxuser_execmod SELinux Boolean in SLE16
+      rules:
+          - sebool_selinuxuser_execmod
+      status: automated
+    - id: SLES-16-16016505
+      levels:
+          - hipaa
+      title: Enable service for audit logs in SLE16
+      rules:
+          - service_auditd_enabled
+      status: automated
+    - id: SLES-16-16016510
+      levels:
+          - hipaa
+      title: Enable remote logging functionality in SLE16
+      rules:
+          - rsyslog_remote_loghost
+      status: automated
diff --git a/shared/templates/sebool/ansible.template b/shared/templates/sebool/ansible.template
@@ -1,12 +1,12 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,SUSE Linux Enterprise 15
+# platform = multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,SUSE Linux Enterprise 15,SUSE Linux Enterprise 16
 # reboot = false
 # strategy = enable
 # complexity = low
 # disruption = low
 
 {{% if product in ['ol8', 'ol9', 'rhel8', 'rhel9', 'rhel10'] %}}
 {{% set PACKAGE_NAME = "python3-libsemanage" %}}
-{{% elif product == "sle15" %}}
+{{% elif product in [ "sle15", "sle16" ] %}}
 {{% set PACKAGE_NAME = "policycoreutils" %}}
 {{% else %}}
 {{% set PACKAGE_NAME = "libsemanage-python" %}}
diff --git a/shared/templates/sebool/bash.template b/shared/templates/sebool/bash.template
@@ -1,12 +1,12 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,SUSE Linux Enterprise 15
+# platform = multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,SUSE Linux Enterprise 15,SUSE Linux Enterprise 16
 # reboot = false
 # strategy = enable
 # complexity = low
 # disruption = low
 
 {{% if product in ['ol8', 'ol9', 'rhel8', 'rhel9', 'rhel10'] %}}
 {{{ bash_package_install("python3-libsemanage") }}}
-{{% elif product == "sle15" %}}
+{{% elif product in [ "sle15", "sle16" ] %}}
 {{{ bash_package_install("policycoreutils") }}}
 {{{ bash_package_install("policycoreutils-python-utils") }}}
 {{{ bash_package_install("selinux-tools") }}}
