Merge pull request #14334 from mrkanon/ol9-stig-updates

Mab879 · web-flow · commit 1ebc1649b832 · 2026-01-27T07:41:13.000-06:00
Update OL9 STIG profile
diff --git a/controls/stig_ol9.yml b/controls/stig_ol9.yml
@@ -1859,6 +1859,8 @@ controls:
       title: OL 9 SSH server configuration file must be group-owned by root.
       rules:
           - file_groupowner_sshd_config
+          - directory_groupowner_sshd_config_d
+          - file_groupowner_sshd_drop_in_config
       status: automated
 
     - id: OL09-00-002508
@@ -1867,6 +1869,8 @@ controls:
       title: OL 9 SSH server configuration file must be owned by root.
       rules:
           - file_owner_sshd_config
+          - directory_owner_sshd_config_d
+          - file_owner_sshd_drop_in_config
       status: automated
 
     - id: OL09-00-002509
@@ -1875,6 +1879,8 @@ controls:
       title: OL 9 SSH server configuration file must have mode 0600 or less permissive.
       rules:
           - file_permissions_sshd_config
+          - directory_permissions_sshd_config_d
+          - file_permissions_sshd_drop_in_config
       status: automated
 
     - id: OL09-00-002502
@@ -3258,7 +3264,7 @@ controls:
       title: OL 9 must allow only the information system security manager (ISSM) (or individuals or roles
           appointed by the ISSM) to select which auditable events are to be audited.
       rules:
-          - file_permissions_etc_audit_rulesd
+          - file_permissions_audit_configuration
       status: automated
 
     - id: OL09-00-000810
