{"description": "At a minimum, the audit system should collect the execution of\nSELinux privileged commands for all users and root.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": ["audit_rules_execution_chcon", "audit_rules_execution_restorecon", "audit_rules_execution_rm", "audit_rules_execution_semanage", "audit_rules_execution_setfiles", "audit_rules_execution_setsebool", "audit_rules_execution_seunshare"], "platform": "", "platforms": [], "inherited_platforms": ["package[audit]", "system_with_kernel"], "cpe_platform_names": [], "title": "Record Execution Attempts to Run SELinux Privileged Commands", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/group.yml"}