From 2fe060ae47a1f17e01d64cf9253edddb9d13cdca Mon Sep 17 00:00:00 2001
From: Gabriel Becker
Date: Mon, 17 May 2021 11:56:08 +0200
Subject: [PATCH] Remove audit_privileged_commands from RHEL7 STIG profile.

This rule is not aligned with latest version of RHEL7 STIG and should be removed from the profile.
---
 .../audit_rules_privileged_commands/rule.yml | 1 -
 rhel7/profiles/stig.profile | 1 -
 2 files changed, 2 deletions(-)

diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml
index fb294f20821..cf997bbcf4a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml
@@ -53,7 +53,6 @@ references:
 pcidss: Req-10.2.2
 srg: SRG-OS-000327-GPOS-00127
 vmmsrg: SRG-OS-000471-VMM-001910
- stigid@rhel7: RHEL-07-030360
 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 3.9,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6'
 isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.5,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.3.4.5.9,4.4.2.1,4.4.2.2,4.4.2.4
 cobit5: APO08.04,APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.05,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01
diff --git a/rhel7/profiles/stig.profile b/rhel7/profiles/stig.profile
index 336bf98e7f7..d3b33615415 100644
--- a/rhel7/profiles/stig.profile
+++ b/rhel7/profiles/stig.profile
@@ -181,7 +181,6 @@ selections:
 - auditd_data_retention_space_left
 - auditd_data_retention_space_left_action
 - auditd_data_retention_action_mail_acct
- - audit_rules_privileged_commands
 - audit_rules_dac_modification_chown
 - audit_rules_dac_modification_fchown
 - audit_rules_dac_modification_lchown