Run tasks and plans
You can run tasks and plans to obtain a wide variety of information about your system. In some cases, the information that you obtain can be used to help you manually configure controls.
The following tasks and plans are supported by the SCE for Linux module.
Task or plan | Additional information |
Tasks listed in the Reference section on Puppet Forge |
|
The linux_users_and_groups plan |
|
The run_audit plan | You can run this plan to initiate a series of auditing tasks. For details, see Auditing and querying issues identified during scans. |
SCE for Linux does not automatically enforce all controls in CIS Benchmarks because system environments differ, and automatic enforcement of some controls might lead to operational issues. For a full list of all controls in a CIS Benchmark, see the Center for Internet Security website.
Before you manually configure a control, review the control number to determine the section that the control belongs to. For example, if the control number is 6.2.1, the control belongs to section 6.2. Then, review the following table to verify whether that section uses tasks or plans.
Operating system | Control section |
AlmaLinux 8 | 6.2 |
AlmaLinux 9 | 7.2 |
Oracle Linux 7 | 6.2 |
Oracle Linux 8 | 6.2 |
Oracle Linux 9 | 7.2 |
Red Hat Enterprise Linux (RHEL) 7 | 6.2 |
RHEL 8 | 6.2 |
RHEL 9 | 7.2 |
Rocky Linux 8 | 6.2 |
Rocky Linux 9 | 7.2 |
Ubuntu Linux 20.04 | 6.2 |
Ubuntu Linux 22.04 | 7.2 |