From 6dd9a47a50f6db6086dc3a1312e94825907e007a Mon Sep 17 00:00:00 2001
From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com>
Date: Sun, 27 Oct 2024 18:06:41 +0200
Subject: [PATCH 1/3] Fix maxpoll remediatian also for cases when maxpoll is negative
---
 .../services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml | 2 +-
 .../services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml
index 187f382a78b..2c58ce0366d 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml
@@ -58,7 +58,7 @@
 - name: "{{{ rule_title }}} - Update the maxpoll Values in {{{ chrony_d_path }}}"
 ansible.builtin.replace:
 path: "{{ item.path }}"
- regexp: '^((?:server|pool|peer).*maxpoll)[ ]+[0-9]+(.*)$'
+ regexp: '^((?:server|pool|peer).*maxpoll)[ ]+[0-9,-]+(.*)$'
 replace: '\1 {{ var_time_service_set_maxpoll }}\2'
 loop: '{{ chrony_d_conf_files.files }}'
 when: chrony_d_conf_files.matched
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh
index cba93ccbf8d..f94d872f164 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh
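Review bot: The new character class `[0-9,-]+` in the `regexp` of chronyd_or_ntpd_set_maxpoll/ansible/shared.yml accepts commas and any run of `-` as well as digits, so it also matches strings such as `1,2` or `--` that are not poll values. An optional sign followed by digits states the intent exactly: `regexp: '^((?:server|pool|peer).*maxpoll)[ ]+-?[0-9]+(.*)$'`. The sed expression changed in bash/shared.sh for the same rule carries the same comma in `[0-9,-][0-9]*`, which additionally matches a lone `-` with no digits after it. The task may continue past the hunk's last line.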
@@ -20,7 +20,7 @@ $pof ntpd || {
 for config_file in "${CONFIG_FILES[@]}" ; do
 # Set maxpoll values to var_time_service_set_maxpoll
- sed -i "s/^\(\(server\|pool\|peer\).*maxpoll\) [0-9][0-9]*\(.*\)$/\1 $var_time_service_set_maxpoll \3/" "$config_file"
+ sed -i "s/^\(\(server\|pool\|peer\).*maxpoll\) [0-9,-][0-9]*\(.*\)$/\1 $var_time_service_set_maxpoll \3/" "$config_file"
 done
 for config_file in "${CONFIG_FILES[@]}" ; do
From 6f4eee0e0b3166d904d809568f09b76ca4c528f8 Mon Sep 17 00:00:00 2001
From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com>
Date: Sun, 27 Oct 2024 18:09:45 +0200
Subject: [PATCH 2/3] Fix bug with register ansible variable causing exception
---
 .../permissions_local_var_log_audit/ansible/shared.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux_os/guide/system/permissions/permissions_local/permissions_local_var_log_audit/ansible/shared.yml b/linux_os/guide/system/permissions/permissions_local/permissions_local_var_log_audit/ansible/shared.yml
index c9b0cc5c5d2..4ecde5b0e6f 100644
--- a/linux_os/guide/system/permissions/permissions_local/permissions_local_var_log_audit/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/permissions_local/permissions_local_var_log_audit/ansible/shared.yml
@@ -10,7 +10,7 @@
 shell: >
 set -o pipefail
 chkstat --set --system
- when: update_update_permissions_var_log_audit.changed
+ when: update_permissions_var_log_audit.changed
 {{{ ansible_lineinfile(msg='Configure permission for /var/log/audit.log', path='/etc/permissions.local', regex='^\/var\/log\/audit\/audit.log\s+root.*', insensitive=false, new_line='/var/log/audit/audit.log root:root 600', create='yes', state='present', register='update_permissions_var_log_audit_audit_log') }}}
From ea19d37cd0875922b4aa82c4d6f5507c8f3bcbf4 Mon Sep 17 00:00:00 2001
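Review bot: The sed pattern in chronyd_or_ntpd_set_maxpoll/bash/shared.sh still requires exactly one space between `maxpoll` and the value, while the Ansible regexp for the same rule accepts `[ ]+`, so a server line written with two spaces or a tab before a negative value is left unchanged by the bash remediation. Matching the separator as whitespace and the value as an optional sign plus digits keeps the two remediations equivalent, e.g. `maxpoll\)[[:space:]]\+-\?[0-9]\+\(.*\)$` for the tail of the pattern (GNU sed syntax, which the existing `\|` already assumes). The first `for` loop opens and closes inside the hunk, but the script continues on both sides of it.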
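Review bot: The command in permissions_local_var_log_audit/ansible/shared.yml is written under a folded scalar (`shell: >`), so if `set -o pipefail` and `chkstat --set --system` sit at the same indent they are joined into one line, and `set` then takes `chkstat --set --system` as positional parameters instead of running it; the task would report success while /etc/permissions.local is never applied to the audit log. There is no pipeline here, so `ansible.builtin.command: chkstat --set --system` would do, or a literal block (`shell: |`) would keep the two commands on separate lines. With the corrected `when` this task can now run, so the folding matters; the variable it reads has to match the `register=` of an `ansible_lineinfile` call above the hunk, which is not visible here. The task's `- name:` line is also outside the hunk.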
From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com>
Date: Sun, 27 Oct 2024 18:12:12 +0200
Subject: [PATCH 3/3] Remediate AIDE check in SLE via settings in crontab file
---
 .../aide/aide_periodic_cron_checking/ansible/shared.yml | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
index d60c2e54644..4988bb69e0b 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
@@ -27,7 +27,12 @@
 - name: "{{{ rule_title }}}"
 cron:
+{{% if product in ["sle12", "sle15"] %}}
+ name: "{{{ rule_title }}}"
+ cron_file: /etc/crontab
+{{% else %}}
 name: "run AIDE check"
+{{% endif %}}
 minute: 05
 hour: 04
 weekday: 0
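Review bot: On SLE the AIDE job is now written to /etc/crontab under a different `name`, and the cron module recognises its own entries by the `#Ansible: <name>` marker in the file it manages, so a host remediated before this change keeps the old "run AIDE check" job in the user crontab (presumably root's) and gains a second one. A preceding task inside the same `{{% if %}}` with `name: "run AIDE check"` and `state: absent` would remove the stale entry. The module also requires `user` when `cron_file` is set, because /etc/crontab lines carry a user field; the rest of the task lies outside the hunk, so confirm `user: root` is present there. A one-line comment above the conditional saying why SLE is remediated through /etc/crontab would help the next reader.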