UBTU-20-010013 - The Ubuntu operating system must automatically terminate a user session after inactivity timeouts have expired.
UBTU-20-010072 - The Ubuntu operating system must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made.
UBTU-20-010100 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
UBTU-20-010101 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
UBTU-20-010102 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
UBTU-20-010103 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
UBTU-20-010104 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.
UBTU-20-010136 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the su command.
UBTU-20-010137 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chfn command.
UBTU-20-010138 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the mount command.
UBTU-20-010139 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the umount command.
UBTU-20-010140 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-agent command.
UBTU-20-010141 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-keysign command.
UBTU-20-010148 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls - b32
UBTU-20-010148 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls - b64
UBTU-20-010152 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls - b32
UBTU-20-010152 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls - b64
UBTU-20-010161 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudo command.
UBTU-20-010162 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudoedit command.
UBTU-20-010163 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chsh command.
UBTU-20-010164 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the newgrp command.
UBTU-20-010165 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chcon command.
UBTU-20-010166 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the apparmor_parser command.
UBTU-20-010167 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the setfacl command.
UBTU-20-010168 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chacl command.
UBTU-20-010172 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the passwd command.
UBTU-20-010173 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the unix_update command.
UBTU-20-010174 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the gpasswd command.
UBTU-20-010175 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chage command.
UBTU-20-010176 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the usermod command.
UBTU-20-010177 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the crontab command.
UBTU-20-010178 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the pam_timestamp_check command.
UBTU-20-010179 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the init_module and finit_module syscalls - b32
UBTU-20-010179 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the init_module and finit_module syscalls - b64
UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - audispd
UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditctl
UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditd
UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - augenrules
UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - aureport
UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - ausearch
UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - autrace
UBTU-20-010244 - The Ubuntu operating system must generate audit records for privileged activities, nonlocal maintenance, diagnostic sessions and other system-level access.
UBTU-20-010277 - The Ubuntu operating system must generate audit records for the /var/log/wtmp file.
UBTU-20-010278 - The Ubuntu operating system must generate audit records for the /var/run/utmp file.
UBTU-20-010279 - The Ubuntu operating system must generate audit records for the /var/log/btmp file.
UBTU-20-010298 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the fdisk command.
Miscellaneous
Metadata updated.
References updated.
Added
UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls
UBTU-20-010267 - The Ubuntu operating system must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls
Removed
UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls - b32 EACCES
UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls - b32 EPERM
UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls - b64 EACCES
UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls - b64 EPERM
UBTU-20-010267 - The Ubuntu operating system must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls - b32
UBTU-20-010267 - The Ubuntu operating system must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls - b64