代码拉取完成,页面将自动刷新
From b7cb3140472d99ebf52d06e76e18234dfddce08d Mon Sep 17 00:00:00 2001
From: kianli <kianli@tencent.com>
Date: Thu, 30 Nov 2023 15:28:42 +0800
Subject: [PATCH] products/ocs23: supports OpenCloudOS Stream 23
Signed-off-by: kianli <kianli@tencent.com>
---
CMakeLists.txt | 5 +
build_product | 1 +
.../package_avahi_removed/rule.yml | 2 +-
.../file_groupowner_cron_d/rule.yml | 2 +-
.../file_groupowner_cron_daily/rule.yml | 2 +-
.../file_groupowner_cron_hourly/rule.yml | 2 +-
.../file_groupowner_cron_monthly/rule.yml | 2 +-
.../file_groupowner_cron_weekly/rule.yml | 2 +-
.../file_groupowner_crontab/rule.yml | 2 +-
.../cron_and_at/file_owner_cron_d/rule.yml | 2 +-
.../file_owner_cron_daily/rule.yml | 2 +-
.../file_owner_cron_hourly/rule.yml | 2 +-
.../file_owner_cron_monthly/rule.yml | 2 +-
.../file_owner_cron_weekly/rule.yml | 2 +-
.../cron_and_at/file_owner_crontab/rule.yml | 2 +-
.../file_permissions_cron_d/rule.yml | 2 +-
.../file_permissions_cron_daily/rule.yml | 2 +-
.../file_permissions_cron_hourly/rule.yml | 2 +-
.../file_permissions_cron_monthly/rule.yml | 2 +-
.../file_permissions_cron_weekly/rule.yml | 2 +-
.../file_permissions_crontab/rule.yml | 2 +-
.../file_at_deny_not_exist/rule.yml | 2 +-
.../file_cron_deny_not_exist/rule.yml | 2 +-
.../file_groupowner_at_allow/rule.yml | 2 +-
.../file_groupowner_cron_allow/rule.yml | 2 +-
.../file_owner_at_allow/rule.yml | 2 +-
.../file_owner_cron_allow/rule.yml | 2 +-
.../file_permissions_at_allow/rule.yml | 2 +-
.../file_permissions_cron_allow/rule.yml | 2 +-
.../service_crond_enabled/rule.yml | 2 +-
.../package_dhcp_removed/rule.yml | 2 +-
.../package_bind_removed/rule.yml | 2 +-
.../dns/package_dnsmasq_removed/rule.yml | 2 +-
.../package_vsftpd_removed/rule.yml | 2 +-
.../services/ftp/package_ftp_removed/rule.yml | 2 +-
.../package_httpd_removed/rule.yml | 2 +-
.../package_nginx_removed/rule.yml | 2 +-
.../package_cyrus-imapd_removed/rule.yml | 2 +-
.../package_dovecot_removed/rule.yml | 2 +-
.../package_openldap-clients_removed/rule.yml | 2 +-
.../package_openldap-servers_removed/rule.yml | 2 +-
.../services/mail/has_nonlocal_mta/rule.yml | 2 +-
.../rule.yml | 2 +-
.../mail/service_postfix_enabled/rule.yml | 2 +-
.../service_rpcbind_disabled/rule.yml | 2 +-
.../service_nfs_disabled/rule.yml | 2 +-
.../ntp/chronyd_run_as_chrony_user/rule.yml | 2 +-
.../obsolete/package_rsync_removed/rule.yml | 2 +-
.../package_telnet-server_removed/rule.yml | 2 +-
.../telnet/package_telnet_removed/rule.yml | 2 +-
.../tftp/package_tftp-server_removed/rule.yml | 2 +-
.../tftp/package_tftp_removed/rule.yml | 2 +-
.../printing/package_cups_removed/rule.yml | 2 +-
.../package_squid_removed/rule.yml | 2 +-
.../package_samba_removed/rule.yml | 2 +-
.../package_net-snmp_removed/rule.yml | 2 +-
.../ssh/file_groupowner_sshd_config/rule.yml | 2 +-
.../ssh/file_owner_sshd_config/rule.yml | 2 +-
.../ssh/file_permissions_sshd_config/rule.yml | 2 +-
.../rule.yml | 2 +-
.../banner_etc_issue/rule.yml | 2 +-
.../banner_etc_issue_net/rule.yml | 2 +-
.../accounts-banners/banner_etc_motd/rule.yml | 2 +-
.../file_groupowner_etc_issue/rule.yml | 2 +-
.../file_groupowner_etc_issue_net/rule.yml | 2 +-
.../file_groupowner_etc_motd/rule.yml | 2 +-
.../file_owner_etc_issue/rule.yml | 2 +-
.../file_owner_etc_issue_net/rule.yml | 2 +-
.../file_owner_etc_motd/rule.yml | 2 +-
.../file_permissions_etc_issue/rule.yml | 2 +-
.../file_permissions_etc_issue_net/rule.yml | 2 +-
.../file_permissions_etc_motd/rule.yml | 2 +-
.../dconf_gnome_banner_enabled/rule.yml | 2 +-
.../dconf_gnome_login_banner_text/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../accounts_password_pam_minclass/rule.yml | 2 +-
.../accounts_password_pam_minlen/rule.yml | 2 +-
.../accounts_password_pam_retry/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../account_unique_id/rule.yml | 2 +-
.../group_unique_id/rule.yml | 2 +-
.../group_unique_name/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../accounts_set_post_pw_existing/rule.yml | 2 +-
.../no_forward_files/rule.yml | 2 +-
.../ensure_pam_wheel_group_empty/rule.yml | 2 +-
.../ensure_root_password_configured/rule.yml | 2 +-
.../rule.yml | 2 +-
.../no_shelllogin_for_systemaccounts/rule.yml | 2 +-
.../use_pam_wheel_group_for_su/rule.yml | 2 +-
.../accounts-session/accounts_tmout/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../file_ownership_home_directories/rule.yml | 2 +-
.../rule.yml | 2 +-
.../accounts_umask_etc_bashrc/rule.yml | 2 +-
.../audit_rules_execution_chacl/rule.yml | 2 +-
.../audit_rules_execution_setfacl/rule.yml | 2 +-
.../audit_rules_execution_chcon/rule.yml | 4 +-
.../audit_rules_file_deletion_events/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../audit_rules_login_events_lastlog/rule.yml | 2 +-
.../rule.yml | 4 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../audit_sudo_log_events/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../file_permissions_var_log_audit/rule.yml | 2 +-
.../auditing/grub2_audit_argument/rule.yml | 2 +-
.../rule.yml | 2 +-
.../file_groupowner_grub2_cfg/rule.yml | 2 +-
.../file_groupowner_user_cfg/rule.yml | 2 +-
.../non-uefi/file_owner_grub2_cfg/rule.yml | 2 +-
.../non-uefi/file_owner_user_cfg/rule.yml | 2 +-
.../file_permissions_grub2_cfg/rule.yml | 2 +-
.../file_permissions_user_cfg/rule.yml | 2 +-
.../non-uefi/grub2_password/rule.yml | 2 +-
.../file_groupowner_efi_grub2_cfg/rule.yml | 2 +-
.../uefi/file_owner_efi_grub2_cfg/rule.yml | 2 +-
.../file_permissions_efi_grub2_cfg/rule.yml | 2 +-
.../uefi/grub2_uefi_password/rule.yml | 2 +-
.../journald/journald_compress/rule.yml | 2 +-
.../journald_forward_to_syslog/rule.yml | 2 +-
.../journald/journald_storage/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rsyslog_nolisten/rule.yml | 2 +-
.../logging/rsyslog_filecreatemode/rule.yml | 2 +-
.../service_firewalld_enabled/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../set_firewalld_default_zone/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../sysctl_net_ipv4_tcp_syncookies/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../sysctl_net_ipv4_ip_forward/rule.yml | 2 +-
.../rule.yml | 2 +-
.../package_nftables_installed/rule.yml | 2 +-
.../service_nftables_disabled/rule.yml | 2 +-
.../set_nftables_base_chain/rule.yml | 2 +-
.../set_nftables_table/rule.yml | 2 +-
.../wireless_disable_interfaces/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../file_permissions_ungroupowned/rule.yml | 2 +-
.../files/no_files_unowned_by_user/rule.yml | 2 +-
.../rule.yml | 2 +-
.../file_ownership_audit_binaries/rule.yml | 2 +-
.../file_permissions_audit_binaries/rule.yml | 2 +-
.../kernel_module_cramfs_disabled/rule.yml | 2 +-
.../kernel_module_squashfs_disabled/rule.yml | 2 +-
.../rule.yml | 2 +-
.../mount_option_dev_shm_noexec/rule.yml | 2 +-
.../mount_option_home_nodev/rule.yml | 2 +-
.../mount_option_home_nosuid/rule.yml | 2 +-
.../mount_option_tmp_nodev/rule.yml | 2 +-
.../mount_option_tmp_noexec/rule.yml | 2 +-
.../mount_option_tmp_nosuid/rule.yml | 2 +-
.../mount_option_var_log_audit_nodev/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../mount_option_var_log_nodev/rule.yml | 2 +-
.../mount_option_var_log_noexec/rule.yml | 2 +-
.../mount_option_var_log_nosuid/rule.yml | 2 +-
.../mount_option_var_nodev/rule.yml | 2 +-
.../mount_option_var_nosuid/rule.yml | 2 +-
.../mount_option_var_tmp_nodev/rule.yml | 2 +-
.../mount_option_var_tmp_noexec/rule.yml | 2 +-
.../mount_option_var_tmp_nosuid/rule.yml | 2 +-
.../selinux/grub2_enable_selinux/rule.yml | 2 +-
.../package_libselinux_installed/rule.yml | 2 +-
.../selinux/package_mcstrans_removed/rule.yml | 2 +-
.../package_setroubleshoot_removed/rule.yml | 2 +-
.../selinux_confinement_of_daemons/rule.yml | 2 +-
.../selinux/selinux_policytype/rule.yml | 2 +-
.../partition_for_var_tmp/rule.yml | 2 +-
.../gnome/enable_dconf_user_profile/rule.yml | 2 +-
.../dconf_gnome_disable_user_list/rule.yml | 2 +-
.../dconf_gnome_disable_automount/rule.yml | 2 +-
.../rule.yml | 2 +-
.../dconf_gnome_disable_autorun/rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../rule.yml | 2 +-
.../gnome/package_gdm_removed/rule.yml | 2 +-
.../crypto/configure_crypto_policy/rule.yml | 2 +-
.../configure_ssh_crypto_policy/rule.yml | 2 +-
.../aide/aide_build_database/rule.yml | 2 +-
.../aide/aide_check_audit_tools/rule.yml | 2 +-
.../aide/aide_periodic_cron_checking/rule.yml | 2 +-
.../aide/package_aide_installed/rule.yml | 2 +-
.../rpm_verify_hashes/rule.yml | 2 +-
.../rpm_verify_ownership/rule.yml | 2 +-
.../rpm_verify_permissions/rule.yml | 2 +-
.../sudo/package_sudo_installed/rule.yml | 2 +-
.../sudo_require_reauthentication/rule.yml | 2 +-
.../rule.yml | 2 +-
.../security_patches_up_to_date/rule.yml | 2 +-
products/ocs23/CMakeLists.txt | 6 +
products/ocs23/product.yml | 24 +
products/ocs23/profiles/basic_server.profile | 314 +++++++++++++
.../ocs23/profiles/basic_workstation.profile | 331 ++++++++++++++
.../ocs23/profiles/enhanced_server.profile | 412 +++++++++++++++++
.../profiles/enhanced_workstation.profile | 426 ++++++++++++++++++
products/ocs23/transforms/constants.xslt | 12 +
products/ocs23/transforms/table-style.xslt | 5 +
.../ocs23/transforms/xccdf2table-cce.xslt | 9 +
.../xccdf2table-profileccirefs.xslt | 9 +
shared/checks/oval/installed_OS_is_ocs23.xml | 28 ++
.../oval/sysctl_kernel_ipv6_disable.xml | 1 +
ssg/constants.py | 6 +-
258 files changed, 1833 insertions(+), 246 deletions(-)
create mode 100644 products/ocs23/CMakeLists.txt
create mode 100755 products/ocs23/product.yml
create mode 100755 products/ocs23/profiles/basic_server.profile
create mode 100755 products/ocs23/profiles/basic_workstation.profile
create mode 100755 products/ocs23/profiles/enhanced_server.profile
create mode 100755 products/ocs23/profiles/enhanced_workstation.profile
create mode 100755 products/ocs23/transforms/constants.xslt
create mode 100644 products/ocs23/transforms/table-style.xslt
create mode 100644 products/ocs23/transforms/xccdf2table-cce.xslt
create mode 100644 products/ocs23/transforms/xccdf2table-profileccirefs.xslt
create mode 100755 shared/checks/oval/installed_OS_is_ocs23.xml
diff --git a/CMakeLists.txt b/CMakeLists.txt
index fdb16d16f9..4758afd758 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -88,6 +88,7 @@ option(SSG_PRODUCT_FEDORA "If enabled, the Fedora SCAP content will be built" ${
option(SSG_PRODUCT_FIREFOX "If enabled, the Firefox SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_MACOS1015 "If enabled, the Apple macOS 10.15 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_OCP4 "If enabled, the OCP4 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
+option(SSG_PRODUCT_OCS23 "If enabled, the OpenCloudOS Stream 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_RHCOS4 "If enabled, the RHCOS4 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_OL7 "If enabled, the Oracle Linux 7 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_OL8 "If enabled, the Oracle Linux 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
@@ -308,6 +309,7 @@ message(STATUS "Fedora: ${SSG_PRODUCT_FEDORA}")
message(STATUS "Firefox: ${SSG_PRODUCT_FIREFOX}")
message(STATUS "MacOS 1015: ${SSG_PRODUCT_MACOS1015}")
message(STATUS "OCP4: ${SSG_PRODUCT_OCP4}")
+message(STATUS "OCS23: ${SSG_PRODUCT_OCS23}")
message(STATUS "RHCOS4: ${SSG_PRODUCT_RHCOS4}")
message(STATUS "Oracle Linux 7: ${SSG_PRODUCT_OL7}")
message(STATUS "Oracle Linux 8: ${SSG_PRODUCT_OL8}")
@@ -401,6 +403,9 @@ endif()
if(SSG_PRODUCT_OCP4)
add_subdirectory("products/ocp4" "ocp4")
endif()
+if(SSG_PRODUCT_OCS23)
+ add_subdirectory("products/ocs23" "ocs23")
+endif()
if(SSG_PRODUCT_RHCOS4)
add_subdirectory("products/rhcos4" "rhcos4")
endif()
diff --git a/build_product b/build_product
index 8086327d39..67eab68bc7 100755
--- a/build_product
+++ b/build_product
@@ -332,6 +332,7 @@ all_cmake_products=(
FEDORA
FIREFOX
OCP4
+ OCS23
RHCOS4
OL7
OL8
diff --git a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml
index ae6e5f38f2..fe36bcb9ce 100644
--- a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml
+++ b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall avahi Server Package'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
index 3abb92ca1d..bba9d586cc 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
index 5b40e432e7..85bb8ed7be 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.daily'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
index 2877f4aa00..2a23d207af 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
index 25c41071ed..0c623eef38 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
index 4e056865ec..a6d5d44dd2 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
index 5fab0e08a9..141530fdde 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns Crontab'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
index 4ce6712bc3..5eb9c73765 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
index da0613579b..3a7bc636c8 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.daily'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
index 58b092a83f..21a6f98165 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
index 37c27b0e3e..cab75bf2eb 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
index 96523acc54..b20a55648f 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
index aac564b93d..37b2eda618 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on crontab'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
index b549b5db9d..0af2f11132 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
index ae37098acc..96e03c2aab 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.daily'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
index 1472b32542..206476aad5 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
index 3d2c23d256..4267ad4b25 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
index 04c6ec1322..d5f1736609 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
index e83a9cc4a6..9be6c346e6 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on crontab'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml
index df8e8a93cc..9ff0b783aa 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
title: 'Ensure that /etc/at.deny does not exist'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml
index 48ccf96dd1..9afd0ab8b7 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
title: 'Ensure that /etc/cron.deny does not exist'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml
index 23ccbede63..055df175cd 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,openembedded,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,openembedded,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns /etc/at.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml
index 7d6d38ed50..6f1bef5ab3 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns /etc/cron.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml
index 7a96ab251c..3210f49f66 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,openembedded,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,openembedded,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify User Who Owns /etc/at.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml
index 7ece85c3f5..b58951a796 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify User Who Owns /etc/cron.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml
index 8a99a0aaa8..d73aec2f0b 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,openembedded,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,openembedded,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on /etc/at.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml
index f741157549..1dc0a06e61 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on /etc/cron.allow file'
diff --git a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
index cf9de8728b..e610557be3 100644
--- a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
+++ b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4
title: 'Enable cron Service'
diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml
index cd80412b37..981b422b41 100644
--- a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml
+++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall DHCP Server Package'
diff --git a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml
index bdd1abb40d..5012b11844 100644
--- a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml
+++ b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204,uos20
title: 'Uninstall bind Package'
diff --git a/linux_os/guide/services/dns/package_dnsmasq_removed/rule.yml b/linux_os/guide/services/dns/package_dnsmasq_removed/rule.yml
index a053110a77..a67566bda7 100644
--- a/linux_os/guide/services/dns/package_dnsmasq_removed/rule.yml
+++ b/linux_os/guide/services/dns/package_dnsmasq_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: ocs23,rhel9
title: 'Uninstall dnsmasq Package'
diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
index 305dd07e9b..93d3e0c1af 100644
--- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
+++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall vsftpd Package'
diff --git a/linux_os/guide/services/ftp/package_ftp_removed/rule.yml b/linux_os/guide/services/ftp/package_ftp_removed/rule.yml
index 7260ec3c44..e8f97b63b4 100644
--- a/linux_os/guide/services/ftp/package_ftp_removed/rule.yml
+++ b/linux_os/guide/services/ftp/package_ftp_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: ocs23,rhel9
title: 'Remove ftp Package'
diff --git a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
index 3dc72ddd5c..4a50fc4b7d 100644
--- a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
+++ b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall httpd Package'
diff --git a/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml b/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
index 171b5262d8..3481099e00 100644
--- a/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
+++ b/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'Uninstall nginx Package'
diff --git a/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml b/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml
index 9d039807d2..2e4aaee632 100644
--- a/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml
+++ b/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'Uninstall cyrus-imapd Package'
diff --git a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml
index 87b82fee63..41a1da4c7a 100644
--- a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml
+++ b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall dovecot Package'
diff --git a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml
index e1670ac5bc..bd6986df1b 100644
--- a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml
+++ b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml
@@ -8,7 +8,7 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Ensure LDAP client is not installed'
diff --git a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml
index 5bd56f76b7..5f5763496c 100644
--- a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml
+++ b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml
@@ -11,7 +11,7 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Uninstall openldap-servers Package'
diff --git a/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml b/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml
index 5656934710..38532ae487 100644
--- a/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml
+++ b/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'Ensure Mail Transfer Agent is not Listening on any non-loopback Address'
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml
index ee399a3607..c73247d6da 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml
+++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Postfix Network Listening'
diff --git a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml
index 40e23a91d8..36d4ea6fc0 100644
--- a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml
+++ b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Postfix Service'
diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml
index b39ef27737..7a09584a11 100644
--- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhel7,rhel8,rhel9,sle12,sle15
title: 'Disable rpcbind Service'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml
index 819cb4377b..6c54d268db 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,openembedded,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,openembedded,rhel7,rhel8,rhel9,sle12,sle15
title: 'Disable Network File System (nfs)'
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml
index 9a5bb23df2..8a77109928 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure that chronyd is running under chrony user account'
diff --git a/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml b/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml
index b7beb612c2..441fb96e10 100644
--- a/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml
@@ -6,7 +6,7 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall rsync Package'
diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
index bba0c3e05c..629e090cb3 100644
--- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Uninstall telnet-server Package'
diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
index 2571d5072e..4119cb50ea 100644
--- a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Remove telnet Clients'
diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
index 1115d43c3d..5cb4d18e38 100644
--- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Uninstall tftp-server Package'
diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml
index acb3177bb2..13d851b316 100644
--- a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
title: 'Remove tftp Daemon'
diff --git a/linux_os/guide/services/printing/package_cups_removed/rule.yml b/linux_os/guide/services/printing/package_cups_removed/rule.yml
index df44086ff7..1f2f42c368 100644
--- a/linux_os/guide/services/printing/package_cups_removed/rule.yml
+++ b/linux_os/guide/services/printing/package_cups_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall CUPS Package'
diff --git a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
index c2cc9410c7..ae2f3c5295 100644
--- a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
+++ b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall squid Package'
diff --git a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
index 969859d124..801c7eb10c 100644
--- a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
+++ b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall Samba Package'
diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
index fd5ec3458d..597af092cf 100644
--- a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
+++ b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: debian10,debian11,debian12,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: debian10,debian11,debian12,fedora,ocs23,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall net-snmp Package'
diff --git a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
index 2c8b7c0b1e..30c92d1838 100644
--- a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns SSH Server config file'
diff --git a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
index 8d406583c6..1a6f6304cc 100644
--- a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on SSH Server config file'
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
index 876bd0a387..9dccaaa2c4 100644
--- a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on SSH Server config file'
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
index 170f89fc06..26520d5625 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Remove the X Windows Package Group'
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
index d360b5075a..dae07906b9 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Modify the System Login Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
index 2e79e27b8d..bcdec62b45 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Modify the System Login Banner for Remote Connections'
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
index 6ed4cf17a5..83dd3dd216 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Modify the System Message of the Day Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
index 3dd5e84eae..62e1e24122 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Ownership of System Login Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
index 2db45cb0cb..7f33d0bbee 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Ownership of System Login Banner for Remote Connections'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
index c73633158e..aa98f54612 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Ownership of Message of the Day Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
index 5b07479c5c..86601fa00e 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify ownership of System Login Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
index d46962ef7c..41b0878a81 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify ownership of System Login Banner for Remote Connections'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
index cbae406c8c..873f936c58 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify ownership of Message of the Day Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
index 75c8af31e8..defbdde7a1 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify permissions on System Login Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
index ec1ac7b8cf..cb5647cc46 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify permissions on System Login Banner for Remote Connections'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
index 332d254f3d..a58b90135d 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify permissions on Message of the Day Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
index 6bfe3b563b..5f21b65799 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable GNOME3 Login Warning Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
index 649db8e37e..b89452c189 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set the GNOME3 Login Warning Banner Text'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
index 2d51b02855..c4b421d807 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4
title: 'Limit Password Reuse: password-auth'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
index e8d0f0eba3..54b7aa84c7 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4
title: 'Limit Password Reuse: system-auth'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
index 42e2d0f258..c4864ad1a7 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204
+prodtype: fedora,ol7,ocs23,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204
title: 'Lock Accounts After Failed Password Attempts'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
index 2b554ef257..76a18d8f27 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204
title: 'Set Lockout Time for Failed Password Attempts'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
index 9001110735..e5943b4a9e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Minimum Different Categories'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
index 59bc15a46d..b1f0065a11 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Minimum Length'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
index 1158110d99..f652d2a58e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session'
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
index c7c68899f7..685746717c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Password Hashing Algorithm in /etc/login.defs'
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
index 44a2ad62eb..faac56e705 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
title: "Set PAM''s Password Hashing Algorithm - password-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
index 403d7f8a0c..37fc101453 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: "Set PAM''s Password Hashing Algorithm"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
index 0845a0f1a6..1d63937bb3 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Account Expiration Following Inactivity'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
index 3d1c3ff28a..44962ff65f 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Accounts on the System Have Unique User IDs'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
index 854f7e0e95..58ad8752a0 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol9,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Groups on the System Have Unique Group ID'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml
index fb3ac03929..0f2674d415 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,openembedded,rhel7,rhel8,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,openembedded,rhel7,rhel8,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Groups on the System Have Unique Group Names'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
index c771a6d623..fe9663463b 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Existing Passwords Maximum Age'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
index b8a466c0e5..e70572439a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Existing Passwords Minimum Age'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml
index 2a2bdbdd1e..1036855413 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15
+prodtype: ocs23,rhel7,rhel8,rhel9,sle12,sle15
title: "Set Existing Passwords Warning Age"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml
index 91f8efa7cd..e1dd4d63ed 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15
+prodtype: ocs23,rhel7,rhel8,rhel9,sle12,sle15
title: 'Set existing passwords a period of inactivity before they been locked'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml
index 46acbd9973..fabf15cd1a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,ocs23,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify No .forward Files Exist'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml
index d7bae1e31f..742e4eb401 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_root_password_configured/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_root_password_configured/rule.yml
index 5fae996278..85e301f6f8 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_root_password_configured/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_root_password_configured/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel9,ubuntu2004,ubuntu2204
title: 'Ensure Authentication Required for Single User Mode'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_password_auth_for_systemaccounts/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_password_auth_for_systemaccounts/rule.yml
index a17355f18b..5c653c2764 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_password_auth_for_systemaccounts/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_password_auth_for_systemaccounts/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure that System Accounts Are Locked'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
index 9533baeb46..df689f6cae 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure that System Accounts Do Not Run a Shell Upon Login'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml
index ce8353fcc8..9b670d0574 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enforce Usage of pam_wheel with Group Parameter for su Authentication'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
index f8b4c743a4..bfbab8db62 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Interactive Session Timeout'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
index 11dc1815e7..73b735c12d 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
title: 'User Initialization Files Must Not Run World-Writable Programs'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
index 575fdd0f9f..65fd4b620a 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'All Interactive Users Home Directories Must Exist'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
index 49e948657d..59995845a6 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'All Interactive User Home Directories Must Be Group-Owned By The Primary Group'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
index d8664852ee..73ad0681b3 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'All Interactive User Home Directories Must Be Owned By The Primary User'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
index 72bef78d2d..df47588a76 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'All Interactive User Home Directories Must Have mode 0750 Or Less Permissive'
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
index b6217fd82d..64f1b5c9c2 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure the Default Bash Umask is Set Correctly'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
index 9c0485da0b..b2f2baa1b8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Any Attempts to Run chacl'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
index 1163c31b57..541a295501 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Any Attempts to Run setfacl'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
index 060152cbc1..cdef2ca6b1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ocs23", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Any Attempts to Run chcon'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
index f73bde5d95..7a9f2f7289 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
title: 'Ensure auditd Collects File Deletion Events by User'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
index 09b57a6123..d7355a83b7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
index 5d4f9fd42f..c878236db2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - creat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
index c062e894bb..9ddd9e4051 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - ftruncate'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
index cf6c0b586e..b9062614b8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - open'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
index e5b1c92fad..d996e00de7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - open_by_handle_at'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
index 48248df906..4c84177f7e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ocs23,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - openat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
index 243dc9e6fe..1517f59af6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - truncate'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
index 0b25912be5..c26404ea9e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
index a134247c0e..ad7a5bf696 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,ol7,rhel7,rhel8,rhel9
+prodtype: alinux3,ocs23,ol7,rhel7,rhel8,rhel9
title: 'Ensure auditd Collects Information on Kernel Module Unloading - create_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
index 3ee3306088..3bea8cf099 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on Kernel Module Unloading - delete_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
index f34eb59008..bb38d85dea 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
index 9b0ba2ac49..6a08d3b665 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on Kernel Module Loading - init_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml
index 281f0021b3..1a261c9900 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9
+prodtype: ocs23,rhel8,rhel9
title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
index 151d58763c..2f7e7c60ad 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Record Attempts to Alter Logon and Logout Events - faillock'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
index 40fe9d0824..7975edd19c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Attempts to Alter Logon and Logout Events - lastlog'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
index c54b25cabc..2e7fe8e682 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["ol7", "rhel7", "rhel8", "rhel9"] %}}
+{{%- if product in ["ocs23", "ol7", "rhel7", "rhel8", "rhel9"] %}}
{{%- set kmod_audit="-a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=privileged" %}}
{{%- else %}}
{{%- set kmod_audit="-w /usr/bin/kmod -p x -k modules" %}}
@@ -6,7 +6,7 @@
documentation_complete: true
-prodtype: alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - kmod'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
index 258cdbafbd..de970142ca 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usermod'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml
index 866445695d..bd11f8ff8c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9
+prodtype: ocs23,rhel8,rhel9
title: 'Record Events When Executables Are Run As Another User'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
index 6a3c31d246..e762d73753 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/group'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
index 94f6e75b84..9ac7857583 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/gshadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
index 51b5f0f541..8a1d85586a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/security/opasswd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
index 0f1b393bcb..80206934c4 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/passwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
index 4ffa0e3438..b5dc63dd5a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/shadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
index 901d2c2031..60703c3c22 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Attempts to perform maintenance activities'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
index 1a9d0959a9..a1083cc646 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ocs23,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'System Audit Logs Must Be Group Owned By Root'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
index b7b5736cdd..98dacb76ea 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ocs23,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'System Audit Logs Must Be Owned By Root'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
index e73322c961..be98dcc610 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'System Audit Logs Must Have Mode 0640 or Less Permissive'
diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
index 0c1ad54191..ef0b509bbd 100644
--- a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
+++ b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ocs23,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Auditing for Processes Which Start Prior to the Audit Daemon'
diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
index 5a6ad45366..d56dc6674d 100644
--- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
+++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Extend Audit Backlog Limit for the Audit Daemon'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
index 299748d46f..638ba81402 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Group Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
index a69df22466..e83e39683f 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ocs23,ol8,ol9,rhel7,rhel8,rhel9,rhv4
title: 'Verify {{{ grub2_boot_path }}}/user.cfg Group Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
index 83b7e7acce..65fef3c4eb 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify {{{ grub2_boot_path }}}/grub.cfg User Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
index 079f519bec..5110d056f3 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
title: 'Verify {{{ grub2_boot_path }}}/user.cfg User Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
index a2b0132fcd..e17ad8f4ce 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Permissions'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
index dcaaa425b0..14423af9e9 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ocs23,ol7,ol8,rhel7,rhel8,rhel9,rhv4
title: 'Verify {{{ grub2_boot_path }}}/user.cfg Permissions'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
index 654799a498..839bf39cef 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Boot Loader Password in grub2'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
index 8a10defceb..76e59cf8ad 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,rhel7,rhel8,rhel9
title: 'Verify the UEFI Boot Loader grub.cfg Group Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
index 9f5bb27454..15b9d9765f 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,rhel7,rhel8,rhel9
title: 'Verify the UEFI Boot Loader grub.cfg User Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
index ee5bdcaf82..dc44342bfe 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,rhel7,rhel8,rhel9
title: 'Verify the UEFI Boot Loader grub.cfg Permissions'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
index cdaa2b573e..221f17e514 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set the UEFI Boot Loader Password'
diff --git a/linux_os/guide/system/logging/journald/journald_compress/rule.yml b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
index 7ffcab8056..b648fa92b5 100644
--- a/linux_os/guide/system/logging/journald/journald_compress/rule.yml
+++ b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: Ensure journald is configured to compress large log files
diff --git a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
index 5119d15bda..2239ce6c56 100644
--- a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
+++ b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
+prodtype: alinux3,anolis23,anolis8,ocs23,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
title: Ensure journald is configured to send logs to rsyslog
diff --git a/linux_os/guide/system/logging/journald/journald_storage/rule.yml b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
index 833346cc80..fe10170721 100644
--- a/linux_os/guide/system/logging/journald/journald_storage/rule.yml
+++ b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,openembedded,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: Ensure journald is configured to write log files to persistent disk
diff --git a/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml b/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml
index 8510c91a56..4ad4df4268 100644
--- a/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml
+++ b/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,rhel8,rhel9,ubuntu2204
title: 'Disable systemd-journal-remote Socket'
diff --git a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
index cf6f3069ee..e582175cc0 100644
--- a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
title: 'Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server'
diff --git a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml
index f37af583d4..bfd8e81d78 100644
--- a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'Ensure rsyslog Default File Permissions Configured'
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
index 4d42170d18..c1a89e4a12 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Verify firewalld Enabled'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_restricted/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_restricted/rule.yml
index 200f793c91..0336dd00f8 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_restricted/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_restricted/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: ocs23,rhel9
title: 'Configure Firewalld to Restrict Loopback Traffic'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_trusted/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_trusted/rule.yml
index 80cf6668ef..245a701bc5 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_trusted/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_trusted/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: ocs23,rhel9
title: 'Configure Firewalld to Trust Loopback Traffic'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
index 88979eee55..a682d69774 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
title: 'Set Default firewalld Zone for Incoming Packets'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
index 7cb30d194f..1c8e006729 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure Accepting Router Advertisements on All IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
index d986698c6d..18212d4349 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Accepting ICMP Redirects for All IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
index 27add44823..e29b308f55 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
index ccc429d5b6..3a5971c0a4 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for IPv6 Forwarding'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
index 07374bdb8a..797393c831 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Accepting Router Advertisements on all IPv6 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
index 7769ce20ec..4f4e399375 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
index 191a881998..32062e94d0 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
index 9f047ea906..79cf3222ac 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Accepting ICMP Redirects for All IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
index 88bfe6d7d4..57d07d7c9c 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
index b1df46e254..b7deca4e43 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
index 3d96b822a4..0719530af6 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
index 17b310be1c..c9b4577d80 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
index 2d8cdac858..88b17276b1 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
index d43d147ceb..402f32682e 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
index be9262e372..40fbf7359a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Paremeter to Log Martian Packets on all IPv4 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
index e7a2772354..4ba3b40804 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
index 363dcf7d4e..1c292eb53c 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure Kernel Parameter for Accepting Secure Redirects By Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
index 69e3fa4acc..dd7e2f0415 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
index b9018a5aec..d7f259ff6e 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
index 824d9248a0..a2532f1d9a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
index 9ad3e985d8..45b241f4be 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
index bbe539e4e6..1ca35f7491 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
index dbfb032077..d0f27ea22c 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/rule.yml b/linux_os/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/rule.yml
index d4fe13df4e..e0588c5315 100644
--- a/linux_os/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/rule.yml
+++ b/linux_os/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: sle15,ubuntu2004,ubuntu2204
+prodtype: ocs23,sle15,ubuntu2004,ubuntu2204
title: 'Ensure nftables Default Deny Firewall Policy'
diff --git a/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml b/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
index 499b36851f..c701be952d 100644
--- a/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
+++ b/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
title: 'Install nftables Package'
diff --git a/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml b/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml
index 77b847f90b..4ef773be7a 100644
--- a/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
title: 'Verify nftables Service is Disabled'
diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_base_chain/rule.yml b/linux_os/guide/system/network/network-nftables/set_nftables_base_chain/rule.yml
index cfdd7b2e72..05c1a13d90 100644
--- a/linux_os/guide/system/network/network-nftables/set_nftables_base_chain/rule.yml
+++ b/linux_os/guide/system/network/network-nftables/set_nftables_base_chain/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: sle15,ubuntu2004,ubuntu2204
+prodtype: ocs23,sle15,ubuntu2004,ubuntu2204
title: 'Ensure Base Chains Exist for Nftables'
diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml b/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml
index 7dc9a92128..d6ca56df38 100644
--- a/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml
+++ b/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
title: 'Ensure a Table Exists for Nftables'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
index c206dfc0ff..b92330c7aa 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Deactivate Wireless Network Interfaces'
diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
index b3e2a1a009..dfc8ce8d78 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
title: 'Ensure All SGID Executables Are Authorized'
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20
description: |-
The SGID (set group id) bit should be set only on files that were
diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
index 7d1ac5d385..dcaae9c2f5 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
title: 'Ensure All SUID Executables Are Authorized'
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20
+prodtype: alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20
description: |-
The SUID (set user id) bit should be set only on files that were
diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
index a9dc03ecf9..d65b301e61 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Files Are Owned by a Group'
diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
index 11ed3b37e7..0a9b515ed1 100644
--- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
+++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Files Are Owned by a User'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
index 607aba3c64..ef9087b77d 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'Verify that audit tools are owned by group root'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
index e1caace877..c510755986 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'Verify that audit tools are owned by root'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
index f87b5094af..b5995e7609 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ocs23,rhel8,rhel9,ubuntu2004,ubuntu2204
title: 'Verify that audit tools Have Mode 0755 or less'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
index eab9bce8ce..60f3653b37 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Disable Mounting of cramfs'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
index 67bc619a3e..bffa1ffb84 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
title: 'Disable Mounting of squashfs'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
index 0f437dab4b..85701702b9 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Modprobe Loading of USB Storage Driver'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
index 7debed33da..7cd9a5798d 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add noexec Option to /dev/shm'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
index ba5959a42b..f2220ec03e 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nodev Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
index 19590c842e..90573d6970 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
title: 'Add nosuid Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
index 06a7dc18f3..06629590e1 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nodev Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
index 5d8d9710fb..38a69c21f7 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Add noexec Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
index b7b9fec923..c5cc5203a8 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nosuid Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
index c89966261a..85fcf69266 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
title: 'Add nodev Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
index 98a7e9ad02..b19ee251c3 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
title: 'Add noexec Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
index 833e994701..a5a7e44e7c 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
title: 'Add nosuid Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
index aae251d622..a11fe15c20 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
title: 'Add nodev Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
index 132b09fd29..4fddddf16c 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
title: 'Add noexec Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
index 0744827b99..fa079ba72f 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
title: 'Add nosuid Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
index eb57b5c017..6d84fd5e7d 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
title: 'Add nodev Option to /var'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
index 5fe097625e..1ce2bcb579 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
title: 'Add nosuid Option to /var'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
index b21666373b..a1d72a9907 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nodev Option to /var/tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
index 3240796eb4..8fa7615eb7 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add noexec Option to /var/tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
index 49b39bc061..d16b447f7d 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nosuid Option to /var/tmp'
diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
index 93f558241e..3b417e2b48 100644
--- a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
+++ b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
title: 'Ensure SELinux Not Disabled in /etc/default/grub'
diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
index 1f66196134..acb96931fc 100644
--- a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
+++ b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
title: 'Install libselinux Package'
diff --git a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
index f11bd265bb..c174e4ac41 100644
--- a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
+++ b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,sle15
+prodtype: alinux2,alinux3,fedora,ocs23,rhel7,rhel8,rhel9,sle15
title: 'Uninstall mcstrans Package'
diff --git a/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
index f8852e9650..d2838b1306 100644
--- a/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
+++ b/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
title: 'Uninstall setroubleshoot Package'
diff --git a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
index fcd320803f..f95322cc70 100644
--- a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
title: 'Ensure No Daemons are Unconfined by SELinux'
diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
index 4a58789123..f3a1043d5d 100644
--- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Configure SELinux Policy'
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
index a5f203a1ac..7e88209e90 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Ensure /var/tmp Located On Separate Partition'
diff --git a/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml b/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
index 19710ed2f5..88bd2ae0f1 100644
--- a/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
+++ b/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure GNOME3 DConf User Profile'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
index 5957ae82f4..83e4890b14 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable the GNOME3 Login User List'
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
index e86c249b34..70b90a3a15 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2204
title: 'Disable GNOME3 Automounting'
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
index e03b12539f..f7df35284d 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
title: 'Disable GNOME3 Automount Opening'
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
index 74ee302023..c124cc30f8 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
title: 'Disable GNOME3 Automount running'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
index eeb849c86c..11d95f2394 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
title: 'Set GNOME3 Screensaver Inactivity Timeout'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
index 9514d839fe..2f06a1d2f2 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
title: 'Set GNOME3 Screensaver Lock Delay After Activation Period'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
index 723dfb0967..a33ecc0e2a 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9
title: 'Ensure Users Cannot Change GNOME3 Screensaver Settings'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
index 7f0a52f333..83d3af8a5f 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
title: 'Ensure Users Cannot Change GNOME3 Session Idle Settings'
diff --git a/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml b/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
index 205adaf500..fc11addfc9 100644
--- a/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
+++ b/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ocs23,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Remove the GDM Package Group'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
index 35a74f1264..ecbb111fe6 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,openembedded,rhcos4,rhel8,rhel9,rhv4,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol8,ol9,openembedded,rhcos4,rhel8,rhel9,rhv4,sle15,uos20
title: 'Configure System Cryptography Policy'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
index f6da1bb577..5019003c01 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20
title: 'Configure SSH to use System Crypto Policy'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
index 2ccae747ba..e500941bba 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,debian10,debian11,debian12,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Build and Test AIDE Database'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
index 79a0cdeffd..895f5ae2ed 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure AIDE to Verify the Audit Tools'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
index 680674c2f1..7112bb5856 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
@@ -4,7 +4,7 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,ubuntu2004,ubuntu2204
title: 'Configure Periodic Execution of AIDE'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
index bbebb646fd..248b5812de 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,debian12,fedora,ocs23,ol7,ol8,ol9,openembedded,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Install AIDE'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
index 3472f117b5..7db69638c3 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
title: 'Verify File Hashes with RPM'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/rule.yml
index b5b67ae1fb..9a77bf83bd 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux3,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
title: 'Verify and Correct Ownership with RPM'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
index 5ba5ce1f03..f6eb057bc4 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
title: 'Verify and Correct File Permissions with RPM'
diff --git a/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml b/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
index e4a1aae3d6..ade2edc00d 100644
--- a/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
+++ b/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ocs23,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Install sudo Package'
diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
index d686624d10..649603a15b 100644
--- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
title: 'Require Re-Authentication When Using the sudo Command'
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
index 619064b775..54e83972c6 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,openembedded,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
title: 'Ensure gpgcheck Enabled In Main {{{ pkg_manager }}} Configuration'
diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
index f0ef023320..5dc6953c72 100644
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
+++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ocs23,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,uos20
title: 'Ensure Software Patches Installed'
diff --git a/products/ocs23/CMakeLists.txt b/products/ocs23/CMakeLists.txt
new file mode 100644
index 0000000000..b392d69bba
--- /dev/null
+++ b/products/ocs23/CMakeLists.txt
@@ -0,0 +1,6 @@
+# Sometimes our users will try to do: "cd ocs23; cmake ." That needs to error in a nice way.
+if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}")
+ message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!")
+endif()
+
+ssg_build_product("ocs23")
diff --git a/products/ocs23/product.yml b/products/ocs23/product.yml
new file mode 100755
index 0000000000..f41a3cda52
--- /dev/null
+++ b/products/ocs23/product.yml
@@ -0,0 +1,24 @@
+product: ocs23
+full_name: OpenCloudOS Stream 23
+type: platform
+
+benchmark_id: OCS-23
+benchmark_root: "../../linux_os/guide"
+
+
+profiles_root: "./profiles"
+
+pkg_manager: "dnf"
+
+init_system: "systemd"
+
+cpes_root: "../../shared/applicability"
+cpes:
+ - ocs23:
+ name: "cpe:/o:ocs:ocs:23"
+ title: "OpenCloudOS Stream 23"
+ check_id: installed_OS_is_ocs23
+
+# Mapping of CPE platform to package
+platform_package_overrides:
+ login_defs: "shadow-utils"
diff --git a/products/ocs23/profiles/basic_server.profile b/products/ocs23/profiles/basic_server.profile
new file mode 100755
index 0000000000..64c8c8de68
--- /dev/null
+++ b/products/ocs23/profiles/basic_server.profile
@@ -0,0 +1,314 @@
+documentation_complete: true
+
+title: 'Basic System Security Profile for OpenCloudOS Stream 23 Server'
+
+description: |-
+ This profile contains rules to ensure "Basic" security baseline of a
+ OpenCloudOS Stream 23 server system. Regardless of your system's workload
+ all of these checks should pass.
+
+selections:
+- service_crond_enabled
+- file_groupowner_crontab
+- file_owner_crontab
+- file_permissions_crontab
+- file_groupowner_cron_hourly
+- file_owner_cron_hourly
+- file_permissions_cron_hourly
+- file_groupowner_cron_daily
+- file_owner_cron_daily
+- file_permissions_cron_daily
+- file_groupowner_cron_weekly
+- file_owner_cron_weekly
+- file_permissions_cron_weekly
+- file_groupowner_cron_monthly
+- file_owner_cron_monthly
+- file_permissions_cron_monthly
+- file_groupowner_cron_d
+- file_owner_cron_d
+- file_permissions_cron_d
+- file_cron_deny_not_exist
+- file_groupowner_cron_allow
+- file_owner_cron_allow
+- file_permissions_cron_allow
+- file_at_deny_not_exist
+- file_groupowner_at_allow
+- file_owner_at_allow
+- file_permissions_at_allow
+- accounts_umask_etc_bashrc
+- accounts_umask_etc_login_defs
+- accounts_umask_etc_profile
+- var_accounts_user_umask=027
+- accounts_root_gid_zero
+- accounts_maximum_age_login_defs
+- var_accounts_maximum_age_login_defs=365
+- accounts_password_set_max_life_existing
+- accounts_password_warn_age_login_defs
+- var_accounts_password_warn_age_login_defs=14
+- accounts_password_set_warn_age_existing
+- accounts_minimum_age_login_defs
+- var_accounts_minimum_age_login_defs=1
+- accounts_password_set_min_life_existing
+- account_disable_post_pw_expiration
+- var_account_disable_post_pw_expiration=30
+- accounts_set_post_pw_existing
+- accounts_tmout
+- var_accounts_tmout=15_min
+- accounts_password_last_change_is_in_past
+- no_password_auth_for_systemaccounts
+- no_shelllogin_for_systemaccounts
+- ensure_root_password_configured
+- no_empty_passwords_etc_shadow
+- accounts_password_pam_minclass
+- accounts_password_pam_minlen
+- accounts_password_pam_retry
+- var_password_pam_minclass=4
+- var_password_pam_minlen=12
+- accounts_passwords_pam_faillock_deny
+- var_accounts_passwords_pam_faillock_deny=3
+- accounts_passwords_pam_faillock_unlock_time
+- var_accounts_passwords_pam_faillock_unlock_time=900
+- set_password_hashing_algorithm_systemauth
+- set_password_hashing_algorithm_passwordauth
+- set_password_hashing_algorithm_logindefs
+- var_password_hashing_algorithm=SHA512
+- accounts_password_pam_pwhistory_remember_password_auth
+- accounts_password_pam_pwhistory_remember_system_auth
+- var_password_pam_remember_control_flag=requisite_or_required
+- var_password_pam_remember=5
+- package_sudo_installed
+- sudo_custom_logfile
+- sudo_add_use_pty
+- var_pam_wheel_group_for_su=cis
+- use_pam_wheel_group_for_su
+- ensure_pam_wheel_group_empty
+- sudo_require_reauthentication
+- sudo_require_reauthentication
+- accounts_passwords_pam_faillock_deny
+- accounts_password_all_shadowed
+- no_empty_passwords_etc_shadow
+- gid_passwd_group_same
+- account_unique_name
+- group_unique_name
+- account_unique_id
+- group_unique_id
+- accounts_no_uid_except_zero
+- accounts_root_path_dirs_no_write
+- root_path_no_dot
+- accounts_user_interactive_home_directory_exists
+- file_ownership_home_directories
+- file_groupownership_home_directories
+- file_permissions_home_directories
+- accounts_user_dot_no_world_writable_programs
+- no_rsh_trust_files
+- no_forward_files
+- no_netrc_files
+- package_rsyslog_installed
+- service_rsyslog_enabled
+- rsyslog_filecreatemode
+- rsyslog_nolisten
+- journald_forward_to_syslog
+- socket_systemd-journal-remote_disabled
+- service_systemd-journald_enabled
+- journald_compress
+- journald_storage
+- rsyslog_files_groupownership
+- file_groupowner_sshd_config
+- file_owner_sshd_config
+- file_permissions_sshd_config
+- sshd_limit_user_access
+- sshd_set_loglevel_verbose
+- sshd_disable_root_login
+- sshd_enable_pam
+- sshd_disable_empty_passwords
+- disable_host_auth
+- sshd_disable_rhosts
+- file_permissions_sshd_pub_key
+- file_ownership_sshd_pub_key
+- file_groupownership_sshd_pub_key
+- file_permissions_sshd_private_key
+- file_ownership_sshd_private_key
+- file_groupownership_sshd_private_key
+- configure_ssh_crypto_policy
+- sshd_enable_warning_banner_net
+- sshd_max_auth_tries_value=3
+- sshd_set_max_auth_tries
+- sshd_set_max_sessions
+- var_sshd_max_sessions=10
+- sshd_set_maxstartups
+- var_sshd_set_maxstartups=10:30:60
+- sshd_set_login_grace_time
+- var_sshd_set_login_grace_time=60
+- sshd_idle_timeout_value=15_minutes
+- sshd_set_idle_timeout
+- sshd_set_keepalive
+- var_sshd_set_keepalive=0
+- sshd_do_not_permit_user_env
+- package_chrony_installed
+- chronyd_specify_remote_server
+- chronyd_run_as_chrony_user
+- var_multiple_time_servers=rhel
+- package_cups_removed
+- package_tftp-server_removed
+- package_bind_removed
+- package_openldap-servers_removed
+- package_vsftpd_removed
+- package_dhcp_removed
+- package_httpd_removed
+- package_nginx_removed
+- package_samba_removed
+- package_net-snmp_removed
+- package_squid_removed
+- package_dnsmasq_removed
+- package_telnet-server_removed
+- package_dovecot_removed
+- package_cyrus-imapd_removed
+- postfix_network_listening_disabled
+- var_postfix_inet_interfaces=loopback-only
+- has_nonlocal_mta
+- service_nfs_disabled
+- service_rpcbind_disabled
+- package_rsync_removed
+- package_telnet_removed
+- package_tftp_removed
+- package_ftp_removed
+- package_openldap-clients_removed
+- file_groupowner_etc_passwd
+- file_owner_etc_passwd
+- file_permissions_etc_passwd
+- file_groupowner_backup_etc_passwd
+- file_owner_backup_etc_passwd
+- file_permissions_backup_etc_passwd
+- file_groupowner_etc_group
+- file_owner_etc_group
+- file_permissions_etc_group
+- file_groupowner_backup_etc_group
+- file_owner_backup_etc_group
+- file_permissions_backup_etc_group
+- file_groupowner_backup_etc_shadow
+- file_owner_backup_etc_shadow
+- file_permissions_backup_etc_shadow
+- file_groupowner_etc_gshadow
+- file_owner_etc_gshadow
+- file_permissions_etc_gshadow
+- file_groupowner_backup_etc_gshadow
+- file_owner_backup_etc_gshadow
+- file_permissions_backup_etc_gshadow
+- file_permissions_unauthorized_world_writable
+- no_files_unowned_by_user
+- file_permissions_ungroupowned
+- dir_perms_world_writable_sticky_bits
+- wireless_disable_interfaces
+- sysctl_net_ipv4_ip_forward
+- sysctl_net_ipv6_conf_all_forwarding
+- sysctl_net_ipv6_conf_all_forwarding_value=disabled
+- sysctl_net_ipv4_conf_all_send_redirects
+- sysctl_net_ipv4_conf_default_send_redirects
+- sysctl_net_ipv4_conf_all_accept_source_route
+- sysctl_net_ipv4_conf_all_accept_source_route_value=disabled
+- sysctl_net_ipv4_conf_default_accept_source_route
+- sysctl_net_ipv4_conf_default_accept_source_route_value=disabled
+- sysctl_net_ipv6_conf_all_accept_source_route
+- sysctl_net_ipv6_conf_all_accept_source_route_value=disabled
+- sysctl_net_ipv6_conf_default_accept_source_route
+- sysctl_net_ipv6_conf_default_accept_source_route_value=disabled
+- sysctl_net_ipv4_conf_all_accept_redirects
+- sysctl_net_ipv4_conf_all_accept_redirects_value=disabled
+- sysctl_net_ipv4_conf_default_accept_redirects
+- sysctl_net_ipv4_conf_default_accept_redirects_value=disabled
+- sysctl_net_ipv6_conf_all_accept_redirects
+- sysctl_net_ipv6_conf_all_accept_redirects_value=disabled
+- sysctl_net_ipv6_conf_default_accept_redirects
+- sysctl_net_ipv6_conf_default_accept_redirects_value=disabled
+- sysctl_net_ipv4_conf_all_secure_redirects
+- sysctl_net_ipv4_conf_all_secure_redirects_value=disabled
+- sysctl_net_ipv4_conf_default_secure_redirects
+- sysctl_net_ipv4_conf_default_secure_redirects_value=disabled
+- sysctl_net_ipv4_conf_all_log_martians
+- sysctl_net_ipv4_conf_all_log_martians_value=enabled
+- sysctl_net_ipv4_conf_default_log_martians
+- sysctl_net_ipv4_conf_default_log_martians_value=enabled
+- sysctl_net_ipv4_icmp_echo_ignore_broadcasts
+- sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value=enabled
+- sysctl_net_ipv4_icmp_ignore_bogus_error_responses
+- sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value=enabled
+- sysctl_net_ipv4_conf_all_rp_filter
+- sysctl_net_ipv4_conf_all_rp_filter_value=enabled
+- sysctl_net_ipv4_conf_default_rp_filter
+- sysctl_net_ipv4_conf_default_rp_filter_value=enabled
+- sysctl_net_ipv4_tcp_syncookies
+- sysctl_net_ipv4_tcp_syncookies_value=enabled
+- sysctl_net_ipv6_conf_all_accept_ra
+- sysctl_net_ipv6_conf_all_accept_ra_value=disabled
+- sysctl_net_ipv6_conf_default_accept_ra
+- sysctl_net_ipv6_conf_default_accept_ra_value=disabled
+- package_nftables_installed
+- service_firewalld_enabled
+- service_nftables_disabled
+- set_firewalld_default_zone
+- firewalld_loopback_traffic_trusted
+- firewalld_loopback_traffic_restricted
+- banner_etc_motd
+- motd_banner_text=cis_banners
+- banner_etc_issue
+- login_banner_text=cis_banners
+- banner_etc_issue_net
+- remote_login_banner_text=cis_banners
+- file_groupowner_etc_motd
+- file_owner_etc_motd
+- file_permissions_etc_motd
+- file_groupowner_etc_issue
+- file_owner_etc_issue
+- file_permissions_etc_issue
+- file_groupowner_etc_issue_net
+- file_owner_etc_issue_net
+- file_permissions_etc_issue_net
+- configure_crypto_policy
+- var_system_crypto_policy=default_policy
+- kernel_module_squashfs_disabled
+- kernel_module_cramfs_disabled
+- kernel_module_squashfs_disabled
+- partition_for_tmp
+- mount_option_tmp_nodev
+- mount_option_tmp_noexec
+- mount_option_tmp_nosuid
+- mount_option_var_nodev
+- mount_option_var_nosuid
+- mount_option_var_tmp_noexec
+- mount_option_var_tmp_nosuid
+- mount_option_var_tmp_nodev
+- mount_option_var_log_nodev
+- mount_option_var_log_noexec
+- mount_option_var_log_nosuid
+- mount_option_var_log_audit_noexec
+- mount_option_var_log_audit_nodev
+- mount_option_var_log_audit_nosuid
+- mount_option_home_nodev
+- mount_option_home_nosuid
+- partition_for_dev_shm
+- mount_option_dev_shm_nodev
+- mount_option_dev_shm_noexec
+- mount_option_dev_shm_nosuid
+- ensure_gpgcheck_globally_activated
+- package_aide_installed
+- aide_build_database
+- aide_periodic_cron_checking
+- aide_check_audit_tools
+- grub2_password
+- file_groupowner_grub2_cfg
+- file_owner_grub2_cfg
+- file_permissions_grub2_cfg
+- file_groupowner_user_cfg
+- file_owner_user_cfg
+- file_permissions_user_cfg
+- coredump_disable_storage
+- coredump_disable_backtraces
+- sysctl_kernel_randomize_va_space
+- package_libselinux_installed
+- var_selinux_policy_name=targeted
+- selinux_policytype
+- selinux_not_disabled
+- grub2_enable_selinux
+- selinux_confinement_of_daemons
+- package_setroubleshoot_removed
+- package_mcstrans_removed
diff --git a/products/ocs23/profiles/basic_workstation.profile b/products/ocs23/profiles/basic_workstation.profile
new file mode 100755
index 0000000000..21eccefc77
--- /dev/null
+++ b/products/ocs23/profiles/basic_workstation.profile
@@ -0,0 +1,331 @@
+documentation_complete: true
+
+title: 'Basic System Security Profile for OpenCloudOS Stream 23 Workstation'
+
+description: |-
+ This profile contains rules to ensure "Basic" security baseline of a
+ OpenCloudOS Stream 23 workstatuion system. Regardless of your system's
+ workload all of these checks should pass.
+
+selections:
+- service_crond_enabled
+- file_groupowner_crontab
+- file_owner_crontab
+- file_permissions_crontab
+- file_groupowner_cron_hourly
+- file_owner_cron_hourly
+- file_permissions_cron_hourly
+- file_groupowner_cron_daily
+- file_owner_cron_daily
+- file_permissions_cron_daily
+- file_groupowner_cron_weekly
+- file_owner_cron_weekly
+- file_permissions_cron_weekly
+- file_groupowner_cron_monthly
+- file_owner_cron_monthly
+- file_permissions_cron_monthly
+- file_groupowner_cron_d
+- file_owner_cron_d
+- file_permissions_cron_d
+- file_cron_deny_not_exist
+- file_groupowner_cron_allow
+- file_owner_cron_allow
+- file_permissions_cron_allow
+- file_at_deny_not_exist
+- file_groupowner_at_allow
+- file_owner_at_allow
+- file_permissions_at_allow
+- accounts_umask_etc_bashrc
+- accounts_umask_etc_login_defs
+- accounts_umask_etc_profile
+- var_accounts_user_umask=027
+- accounts_root_gid_zero
+- accounts_maximum_age_login_defs
+- var_accounts_maximum_age_login_defs=365
+- accounts_password_set_max_life_existing
+- accounts_password_warn_age_login_defs
+- var_accounts_password_warn_age_login_defs=14
+- accounts_password_set_warn_age_existing
+- accounts_minimum_age_login_defs
+- var_accounts_minimum_age_login_defs=1
+- accounts_password_set_min_life_existing
+- account_disable_post_pw_expiration
+- var_account_disable_post_pw_expiration=30
+- accounts_set_post_pw_existing
+- accounts_tmout
+- var_accounts_tmout=15_min
+- accounts_password_last_change_is_in_past
+- no_password_auth_for_systemaccounts
+- no_shelllogin_for_systemaccounts
+- ensure_root_password_configured
+- no_empty_passwords_etc_shadow
+- accounts_password_pam_minclass
+- accounts_password_pam_minlen
+- accounts_password_pam_retry
+- var_password_pam_minclass=4
+- var_password_pam_minlen=12
+- accounts_passwords_pam_faillock_deny
+- var_accounts_passwords_pam_faillock_deny=3
+- accounts_passwords_pam_faillock_unlock_time
+- var_accounts_passwords_pam_faillock_unlock_time=900
+- set_password_hashing_algorithm_systemauth
+- set_password_hashing_algorithm_passwordauth
+- set_password_hashing_algorithm_logindefs
+- var_password_hashing_algorithm=SHA512
+- accounts_password_pam_pwhistory_remember_password_auth
+- accounts_password_pam_pwhistory_remember_system_auth
+- var_password_pam_remember_control_flag=requisite_or_required
+- var_password_pam_remember=5
+- package_sudo_installed
+- sudo_custom_logfile
+- sudo_add_use_pty
+- var_pam_wheel_group_for_su=cis
+- use_pam_wheel_group_for_su
+- ensure_pam_wheel_group_empty
+- sudo_require_reauthentication
+- sudo_require_reauthentication
+- accounts_passwords_pam_faillock_deny
+- accounts_password_all_shadowed
+- no_empty_passwords_etc_shadow
+- gid_passwd_group_same
+- account_unique_name
+- group_unique_name
+- account_unique_id
+- group_unique_id
+- accounts_no_uid_except_zero
+- accounts_root_path_dirs_no_write
+- root_path_no_dot
+- accounts_user_interactive_home_directory_exists
+- file_ownership_home_directories
+- file_groupownership_home_directories
+- file_permissions_home_directories
+- accounts_user_dot_no_world_writable_programs
+- no_rsh_trust_files
+- no_forward_files
+- no_netrc_files
+- package_rsyslog_installed
+- service_rsyslog_enabled
+- rsyslog_filecreatemode
+- rsyslog_nolisten
+- journald_forward_to_syslog
+- socket_systemd-journal-remote_disabled
+- service_systemd-journald_enabled
+- journald_compress
+- journald_storage
+- rsyslog_files_groupownership
+- file_groupowner_sshd_config
+- file_owner_sshd_config
+- file_permissions_sshd_config
+- sshd_limit_user_access
+- sshd_set_loglevel_verbose
+- sshd_disable_root_login
+- sshd_enable_pam
+- sshd_disable_empty_passwords
+- disable_host_auth
+- sshd_disable_x11_forwarding
+- sshd_disable_rhosts
+- file_permissions_sshd_pub_key
+- file_ownership_sshd_pub_key
+- file_groupownership_sshd_pub_key
+- file_permissions_sshd_private_key
+- file_ownership_sshd_private_key
+- file_groupownership_sshd_private_key
+- configure_ssh_crypto_policy
+- sshd_enable_warning_banner_net
+- sshd_max_auth_tries_value=3
+- sshd_set_max_auth_tries
+- sshd_set_max_sessions
+- var_sshd_max_sessions=10
+- sshd_set_maxstartups
+- var_sshd_set_maxstartups=10:30:60
+- sshd_set_login_grace_time
+- var_sshd_set_login_grace_time=60
+- sshd_idle_timeout_value=15_minutes
+- sshd_set_idle_timeout
+- sshd_set_keepalive
+- var_sshd_set_keepalive=0
+- sshd_do_not_permit_user_env
+- package_chrony_installed
+- chronyd_specify_remote_server
+- chronyd_run_as_chrony_user
+- var_multiple_time_servers=rhel
+- package_cups_removed
+- package_tftp-server_removed
+- package_bind_removed
+- package_openldap-servers_removed
+- package_vsftpd_removed
+- package_dhcp_removed
+- package_httpd_removed
+- package_nginx_removed
+- package_samba_removed
+- package_net-snmp_removed
+- package_squid_removed
+- package_dnsmasq_removed
+- package_telnet-server_removed
+- package_dovecot_removed
+- package_cyrus-imapd_removed
+- postfix_network_listening_disabled
+- var_postfix_inet_interfaces=loopback-only
+- has_nonlocal_mta
+- service_nfs_disabled
+- service_rpcbind_disabled
+- package_rsync_removed
+- package_telnet_removed
+- package_tftp_removed
+- package_ftp_removed
+- package_openldap-clients_removed
+- file_groupowner_etc_passwd
+- file_owner_etc_passwd
+- file_permissions_etc_passwd
+- file_groupowner_backup_etc_passwd
+- file_owner_backup_etc_passwd
+- file_permissions_backup_etc_passwd
+- file_groupowner_etc_group
+- file_owner_etc_group
+- file_permissions_etc_group
+- file_groupowner_backup_etc_group
+- file_owner_backup_etc_group
+- file_permissions_backup_etc_group
+- file_groupowner_backup_etc_shadow
+- file_owner_backup_etc_shadow
+- file_permissions_backup_etc_shadow
+- file_groupowner_etc_gshadow
+- file_owner_etc_gshadow
+- file_permissions_etc_gshadow
+- file_groupowner_backup_etc_gshadow
+- file_owner_backup_etc_gshadow
+- file_permissions_backup_etc_gshadow
+- file_permissions_unauthorized_world_writable
+- no_files_unowned_by_user
+- file_permissions_ungroupowned
+- dir_perms_world_writable_sticky_bits
+- sysctl_net_ipv4_ip_forward
+- sysctl_net_ipv6_conf_all_forwarding
+- sysctl_net_ipv6_conf_all_forwarding_value=disabled
+- sysctl_net_ipv4_conf_all_send_redirects
+- sysctl_net_ipv4_conf_default_send_redirects
+- sysctl_net_ipv4_conf_all_accept_source_route
+- sysctl_net_ipv4_conf_all_accept_source_route_value=disabled
+- sysctl_net_ipv4_conf_default_accept_source_route
+- sysctl_net_ipv4_conf_default_accept_source_route_value=disabled
+- sysctl_net_ipv6_conf_all_accept_source_route
+- sysctl_net_ipv6_conf_all_accept_source_route_value=disabled
+- sysctl_net_ipv6_conf_default_accept_source_route
+- sysctl_net_ipv6_conf_default_accept_source_route_value=disabled
+- sysctl_net_ipv4_conf_all_accept_redirects
+- sysctl_net_ipv4_conf_all_accept_redirects_value=disabled
+- sysctl_net_ipv4_conf_default_accept_redirects
+- sysctl_net_ipv4_conf_default_accept_redirects_value=disabled
+- sysctl_net_ipv6_conf_all_accept_redirects
+- sysctl_net_ipv6_conf_all_accept_redirects_value=disabled
+- sysctl_net_ipv6_conf_default_accept_redirects
+- sysctl_net_ipv6_conf_default_accept_redirects_value=disabled
+- sysctl_net_ipv4_conf_all_secure_redirects
+- sysctl_net_ipv4_conf_all_secure_redirects_value=disabled
+- sysctl_net_ipv4_conf_default_secure_redirects
+- sysctl_net_ipv4_conf_default_secure_redirects_value=disabled
+- sysctl_net_ipv4_conf_all_log_martians
+- sysctl_net_ipv4_conf_all_log_martians_value=enabled
+- sysctl_net_ipv4_conf_default_log_martians
+- sysctl_net_ipv4_conf_default_log_martians_value=enabled
+- sysctl_net_ipv4_icmp_echo_ignore_broadcasts
+- sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value=enabled
+- sysctl_net_ipv4_icmp_ignore_bogus_error_responses
+- sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value=enabled
+- sysctl_net_ipv4_conf_all_rp_filter
+- sysctl_net_ipv4_conf_all_rp_filter_value=enabled
+- sysctl_net_ipv4_conf_default_rp_filter
+- sysctl_net_ipv4_conf_default_rp_filter_value=enabled
+- sysctl_net_ipv4_tcp_syncookies
+- sysctl_net_ipv4_tcp_syncookies_value=enabled
+- sysctl_net_ipv6_conf_all_accept_ra
+- sysctl_net_ipv6_conf_all_accept_ra_value=disabled
+- sysctl_net_ipv6_conf_default_accept_ra
+- sysctl_net_ipv6_conf_default_accept_ra_value=disabled
+- package_nftables_installed
+- service_firewalld_enabled
+- service_nftables_disabled
+- set_firewalld_default_zone
+- firewalld_loopback_traffic_trusted
+- firewalld_loopback_traffic_restricted
+- banner_etc_motd
+- motd_banner_text=cis_banners
+- banner_etc_issue
+- login_banner_text=cis_banners
+- banner_etc_issue_net
+- remote_login_banner_text=cis_banners
+- file_groupowner_etc_motd
+- file_owner_etc_motd
+- file_permissions_etc_motd
+- file_groupowner_etc_issue
+- file_owner_etc_issue
+- file_permissions_etc_issue
+- file_groupowner_etc_issue_net
+- file_owner_etc_issue_net
+- file_permissions_etc_issue_net
+- dconf_gnome_banner_enabled
+- dconf_gnome_login_banner_text
+- login_banner_text=cis_default
+- dconf_gnome_disable_user_list
+- dconf_gnome_screensaver_idle_delay
+- dconf_gnome_screensaver_lock_delay
+- inactivity_timeout_value=15_minutes
+- var_screensaver_lock_delay=5_seconds
+- dconf_gnome_session_idle_user_locks
+- dconf_gnome_screensaver_user_locks
+- dconf_gnome_disable_automount
+- dconf_gnome_disable_automount_open
+- dconf_gnome_disable_automount
+- dconf_gnome_disable_automount_open
+- dconf_gnome_disable_autorun
+- dconf_gnome_disable_autorun
+- gnome_gdm_disable_xdmcp
+- configure_crypto_policy
+- var_system_crypto_policy=default_policy
+- kernel_module_squashfs_disabled
+- kernel_module_cramfs_disabled
+- kernel_module_squashfs_disabled
+- partition_for_tmp
+- mount_option_tmp_nodev
+- mount_option_tmp_noexec
+- mount_option_tmp_nosuid
+- mount_option_var_nodev
+- mount_option_var_nosuid
+- mount_option_var_tmp_noexec
+- mount_option_var_tmp_nosuid
+- mount_option_var_tmp_nodev
+- mount_option_var_log_nodev
+- mount_option_var_log_noexec
+- mount_option_var_log_nosuid
+- mount_option_var_log_audit_noexec
+- mount_option_var_log_audit_nodev
+- mount_option_var_log_audit_nosuid
+- mount_option_home_nodev
+- mount_option_home_nosuid
+- partition_for_dev_shm
+- mount_option_dev_shm_nodev
+- mount_option_dev_shm_noexec
+- mount_option_dev_shm_nosuid
+- ensure_gpgcheck_globally_activated
+- package_aide_installed
+- aide_build_database
+- aide_periodic_cron_checking
+- aide_check_audit_tools
+- grub2_password
+- file_groupowner_grub2_cfg
+- file_owner_grub2_cfg
+- file_permissions_grub2_cfg
+- file_groupowner_user_cfg
+- file_owner_user_cfg
+- file_permissions_user_cfg
+- coredump_disable_storage
+- coredump_disable_backtraces
+- sysctl_kernel_randomize_va_space
+- package_libselinux_installed
+- var_selinux_policy_name=targeted
+- selinux_policytype
+- selinux_not_disabled
+- grub2_enable_selinux
+- selinux_confinement_of_daemons
+- package_setroubleshoot_removed
+- package_mcstrans_removed
diff --git a/products/ocs23/profiles/enhanced_server.profile b/products/ocs23/profiles/enhanced_server.profile
new file mode 100755
index 0000000000..8ccfc9bcb1
--- /dev/null
+++ b/products/ocs23/profiles/enhanced_server.profile
@@ -0,0 +1,412 @@
+documentation_complete: true
+
+title: 'Enhanced System Security Profile for OpenCloudOS Stream 23 Server'
+
+description: |-
+ This profile contains rules to ensure "Enhanced" security baseline of a
+ OpenCloudOS Stream 23 server system. Regardless of your system's workload
+ all of these checks should pass.
+
+selections:
+- service_crond_enabled
+- file_groupowner_crontab
+- file_owner_crontab
+- file_permissions_crontab
+- file_groupowner_cron_hourly
+- file_owner_cron_hourly
+- file_permissions_cron_hourly
+- file_groupowner_cron_daily
+- file_owner_cron_daily
+- file_permissions_cron_daily
+- file_groupowner_cron_weekly
+- file_owner_cron_weekly
+- file_permissions_cron_weekly
+- file_groupowner_cron_monthly
+- file_owner_cron_monthly
+- file_permissions_cron_monthly
+- file_groupowner_cron_d
+- file_owner_cron_d
+- file_permissions_cron_d
+- file_cron_deny_not_exist
+- file_groupowner_cron_allow
+- file_owner_cron_allow
+- file_permissions_cron_allow
+- file_at_deny_not_exist
+- file_groupowner_at_allow
+- file_owner_at_allow
+- file_permissions_at_allow
+- accounts_umask_etc_bashrc
+- accounts_umask_etc_login_defs
+- accounts_umask_etc_profile
+- var_accounts_user_umask=027
+- accounts_root_gid_zero
+- accounts_maximum_age_login_defs
+- var_accounts_maximum_age_login_defs=365
+- accounts_password_set_max_life_existing
+- accounts_password_warn_age_login_defs
+- var_accounts_password_warn_age_login_defs=14
+- accounts_password_set_warn_age_existing
+- accounts_minimum_age_login_defs
+- var_accounts_minimum_age_login_defs=1
+- accounts_password_set_min_life_existing
+- account_disable_post_pw_expiration
+- var_account_disable_post_pw_expiration=30
+- accounts_set_post_pw_existing
+- accounts_tmout
+- var_accounts_tmout=15_min
+- accounts_password_last_change_is_in_past
+- no_password_auth_for_systemaccounts
+- no_shelllogin_for_systemaccounts
+- ensure_root_password_configured
+- no_empty_passwords_etc_shadow
+- accounts_password_pam_minclass
+- accounts_password_pam_minlen
+- accounts_password_pam_retry
+- var_password_pam_minclass=4
+- var_password_pam_minlen=12
+- accounts_passwords_pam_faillock_deny
+- var_accounts_passwords_pam_faillock_deny=3
+- accounts_passwords_pam_faillock_unlock_time
+- var_accounts_passwords_pam_faillock_unlock_time=900
+- set_password_hashing_algorithm_systemauth
+- set_password_hashing_algorithm_passwordauth
+- set_password_hashing_algorithm_logindefs
+- var_password_hashing_algorithm=SHA512
+- accounts_password_pam_pwhistory_remember_password_auth
+- accounts_password_pam_pwhistory_remember_system_auth
+- var_password_pam_remember_control_flag=requisite_or_required
+- var_password_pam_remember=5
+- package_sudo_installed
+- sudo_custom_logfile
+- sudo_add_use_pty
+- sudo_require_authentication
+- var_pam_wheel_group_for_su=cis
+- use_pam_wheel_group_for_su
+- ensure_pam_wheel_group_empty
+- sudo_require_reauthentication
+- sudo_require_reauthentication
+- accounts_passwords_pam_faillock_deny
+- package_audit_installed
+- grub2_audit_argument
+- grub2_audit_backlog_limit_argument
+- service_auditd_enabled
+- auditd_data_retention_max_log_file
+- var_auditd_max_log_file=6
+- auditd_data_retention_max_log_file_action
+- var_auditd_max_log_file_action=keep_logs
+- auditd_data_retention_action_mail_acct
+- auditd_data_retention_admin_space_left_action
+- auditd_data_retention_space_left_action
+- var_auditd_action_mail_acct=root
+- var_auditd_admin_space_left_action=halt
+- var_auditd_space_left_action=email
+- audit_rules_sysadmin_actions
+- audit_rules_suid_auid_privilege_function
+- audit_sudo_log_events
+- audit_rules_time_adjtimex
+- audit_rules_time_settimeofday
+- audit_rules_time_clock_settime
+- audit_rules_time_stime
+- audit_rules_time_watch_localtime
+- audit_rules_networkconfig_modification
+- audit_rules_privileged_commands
+- audit_rules_unsuccessful_file_modification_creat
+- audit_rules_unsuccessful_file_modification_ftruncate
+- audit_rules_unsuccessful_file_modification_open
+- audit_rules_unsuccessful_file_modification_openat
+- audit_rules_unsuccessful_file_modification_truncate
+- audit_rules_usergroup_modification_group
+- audit_rules_usergroup_modification_gshadow
+- audit_rules_usergroup_modification_opasswd
+- audit_rules_usergroup_modification_passwd
+- audit_rules_usergroup_modification_shadow
+- audit_rules_dac_modification_chmod
+- audit_rules_dac_modification_chown
+- audit_rules_dac_modification_fchmod
+- audit_rules_dac_modification_fchmodat
+- audit_rules_dac_modification_fchmod
+- audit_rules_dac_modification_fchmodat
+- audit_rules_dac_modification_fchown
+- audit_rules_dac_modification_fchownat
+- audit_rules_dac_modification_fremovexattr
+- audit_rules_dac_modification_fsetxattr
+- audit_rules_dac_modification_lchown
+- audit_rules_dac_modification_lremovexattr
+- audit_rules_dac_modification_lsetxattr
+- audit_rules_dac_modification_removexattr
+- audit_rules_dac_modification_setxattr
+- audit_rules_media_export
+- audit_rules_session_events
+- audit_rules_login_events_faillock
+- audit_rules_login_events_lastlog
+- var_accounts_passwords_pam_faillock_dir=run
+- audit_rules_file_deletion_events_rename
+- audit_rules_file_deletion_events_renameat
+- audit_rules_file_deletion_events_unlink
+- audit_rules_file_deletion_events_unlinkat
+- audit_rules_mac_modification
+- audit_rules_mac_modification_usr_share
+- audit_rules_execution_chcon
+- audit_rules_execution_setfacl
+- audit_rules_execution_chacl
+- audit_rules_privileged_commands_usermod
+- audit_rules_kernel_module_loading_create
+- audit_rules_kernel_module_loading_delete
+- audit_rules_kernel_module_loading_finit
+- audit_rules_kernel_module_loading_init
+- audit_rules_kernel_module_loading_query
+- audit_rules_privileged_commands_kmod
+- audit_rules_immutable
+- file_permissions_var_log_audit
+- file_ownership_var_log_audit_stig
+- file_group_ownership_var_log_audit
+- directory_permissions_var_log_audit
+- file_permissions_audit_configuration
+- file_ownership_audit_configuration
+- file_groupownership_audit_configuration
+- file_permissions_audit_binaries
+- file_ownership_audit_binaries
+- file_groupownership_audit_binaries
+- accounts_password_all_shadowed
+- no_empty_passwords_etc_shadow
+- gid_passwd_group_same
+- account_unique_name
+- group_unique_name
+- account_unique_id
+- group_unique_id
+- accounts_no_uid_except_zero
+- accounts_root_path_dirs_no_write
+- root_path_no_dot
+- accounts_user_interactive_home_directory_exists
+- file_ownership_home_directories
+- file_groupownership_home_directories
+- file_permissions_home_directories
+- accounts_user_dot_no_world_writable_programs
+- no_rsh_trust_files
+- no_forward_files
+- no_netrc_files
+- package_rsyslog_installed
+- service_rsyslog_enabled
+- rsyslog_filecreatemode
+- rsyslog_nolisten
+- journald_forward_to_syslog
+- socket_systemd-journal-remote_disabled
+- sshd_disable_tcp_forwarding
+- service_systemd-journald_enabled
+- journald_compress
+- journald_storage
+- rsyslog_files_groupownership
+- file_groupowner_sshd_config
+- file_owner_sshd_config
+- file_permissions_sshd_config
+- sshd_limit_user_access
+- sshd_set_loglevel_verbose
+- sshd_disable_root_login
+- sshd_enable_pam
+- package_xorg-x11-server-common_removed
+- package_avahi_removed
+- sshd_disable_empty_passwords
+- disable_host_auth
+- sshd_disable_x11_forwarding
+- sshd_disable_rhosts
+- file_permissions_sshd_pub_key
+- file_ownership_sshd_pub_key
+- file_groupownership_sshd_pub_key
+- file_permissions_sshd_private_key
+- file_ownership_sshd_private_key
+- file_groupownership_sshd_private_key
+- configure_ssh_crypto_policy
+- sshd_enable_warning_banner_net
+- sshd_max_auth_tries_value=3
+- sshd_set_max_auth_tries
+- sshd_set_max_sessions
+- var_sshd_max_sessions=10
+- sshd_set_maxstartups
+- var_sshd_set_maxstartups=10:30:60
+- sshd_set_login_grace_time
+- var_sshd_set_login_grace_time=60
+- sshd_idle_timeout_value=15_minutes
+- sshd_set_idle_timeout
+- sshd_set_keepalive
+- var_sshd_set_keepalive=0
+- sshd_do_not_permit_user_env
+- package_chrony_installed
+- chronyd_specify_remote_server
+- chronyd_run_as_chrony_user
+- var_multiple_time_servers=rhel
+- package_cups_removed
+- package_tftp-server_removed
+- package_bind_removed
+- package_openldap-servers_removed
+- package_vsftpd_removed
+- package_dhcp_removed
+- package_httpd_removed
+- package_nginx_removed
+- package_samba_removed
+- package_net-snmp_removed
+- file_owner_etc_shadow
+- file_groupowner_etc_shadow
+- file_permissions_etc_shadow
+- package_squid_removed
+- package_dnsmasq_removed
+- package_telnet-server_removed
+- package_dovecot_removed
+- package_cyrus-imapd_removed
+- postfix_network_listening_disabled
+- var_postfix_inet_interfaces=loopback-only
+- has_nonlocal_mta
+- service_nfs_disabled
+- service_rpcbind_disabled
+- package_rsync_removed
+- package_telnet_removed
+- package_tftp_removed
+- package_ftp_removed
+- package_openldap-clients_removed
+- file_groupowner_etc_passwd
+- file_owner_etc_passwd
+- file_permissions_etc_passwd
+- file_groupowner_backup_etc_passwd
+- file_owner_backup_etc_passwd
+- file_permissions_backup_etc_passwd
+- file_groupowner_etc_group
+- file_owner_etc_group
+- file_permissions_etc_group
+- file_groupowner_backup_etc_group
+- file_owner_backup_etc_group
+- file_permissions_backup_etc_group
+- file_groupowner_backup_etc_shadow
+- file_owner_backup_etc_shadow
+- file_permissions_backup_etc_shadow
+- file_groupowner_etc_gshadow
+- file_owner_etc_gshadow
+- file_permissions_etc_gshadow
+- file_groupowner_backup_etc_gshadow
+- file_owner_backup_etc_gshadow
+- file_permissions_backup_etc_gshadow
+- file_permissions_unauthorized_world_writable
+- no_files_unowned_by_user
+- file_permissions_ungroupowned
+- dir_perms_world_writable_sticky_bits
+- wireless_disable_interfaces
+- sysctl_net_ipv4_ip_forward
+- sysctl_net_ipv6_conf_all_forwarding
+- sysctl_net_ipv6_conf_all_forwarding_value=disabled
+- sysctl_net_ipv4_conf_all_send_redirects
+- sysctl_net_ipv4_conf_default_send_redirects
+- sysctl_net_ipv4_conf_all_accept_source_route
+- sysctl_net_ipv4_conf_all_accept_source_route_value=disabled
+- sysctl_net_ipv4_conf_default_accept_source_route
+- sysctl_net_ipv4_conf_default_accept_source_route_value=disabled
+- sysctl_net_ipv6_conf_all_accept_source_route
+- sysctl_net_ipv6_conf_all_accept_source_route_value=disabled
+- sysctl_net_ipv6_conf_default_accept_source_route
+- sysctl_net_ipv6_conf_default_accept_source_route_value=disabled
+- sysctl_net_ipv4_conf_all_accept_redirects
+- sysctl_net_ipv4_conf_all_accept_redirects_value=disabled
+- sysctl_net_ipv4_conf_default_accept_redirects
+- sysctl_net_ipv4_conf_default_accept_redirects_value=disabled
+- sysctl_net_ipv6_conf_all_accept_redirects
+- sysctl_net_ipv6_conf_all_accept_redirects_value=disabled
+- sysctl_net_ipv6_conf_default_accept_redirects
+- sysctl_net_ipv6_conf_default_accept_redirects_value=disabled
+- sysctl_net_ipv4_conf_all_secure_redirects
+- sysctl_net_ipv4_conf_all_secure_redirects_value=disabled
+- sysctl_net_ipv4_conf_default_secure_redirects
+- sysctl_net_ipv4_conf_default_secure_redirects_value=disabled
+- sysctl_net_ipv4_conf_all_log_martians
+- sysctl_net_ipv4_conf_all_log_martians_value=enabled
+- sysctl_net_ipv4_conf_default_log_martians
+- sysctl_net_ipv4_conf_default_log_martians_value=enabled
+- sysctl_net_ipv4_icmp_echo_ignore_broadcasts
+- sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value=enabled
+- sysctl_net_ipv4_icmp_ignore_bogus_error_responses
+- sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value=enabled
+- sysctl_net_ipv4_conf_all_rp_filter
+- sysctl_net_ipv4_conf_all_rp_filter_value=enabled
+- sysctl_net_ipv4_conf_default_rp_filter
+- sysctl_net_ipv4_conf_default_rp_filter_value=enabled
+- sysctl_net_ipv4_tcp_syncookies
+- sysctl_net_ipv4_tcp_syncookies_value=enabled
+- sysctl_net_ipv6_conf_all_accept_ra
+- sysctl_net_ipv6_conf_all_accept_ra_value=disabled
+- sysctl_net_ipv6_conf_default_accept_ra
+- sysctl_net_ipv6_conf_default_accept_ra_value=disabled
+- package_nftables_installed
+- service_firewalld_enabled
+- service_nftables_disabled
+- set_firewalld_default_zone
+- firewalld_loopback_traffic_trusted
+- firewalld_loopback_traffic_restricted
+- banner_etc_motd
+- motd_banner_text=cis_banners
+- banner_etc_issue
+- login_banner_text=cis_banners
+- banner_etc_issue_net
+- remote_login_banner_text=cis_banners
+- file_groupowner_etc_motd
+- file_owner_etc_motd
+- file_permissions_etc_motd
+- file_groupowner_etc_issue
+- file_owner_etc_issue
+- file_permissions_etc_issue
+- file_groupowner_etc_issue_net
+- file_owner_etc_issue_net
+- file_permissions_etc_issue_net
+- package_gdm_removed
+- configure_crypto_policy
+- var_system_crypto_policy=default_policy
+- kernel_module_squashfs_disabled
+- kernel_module_cramfs_disabled
+- kernel_module_squashfs_disabled
+- partition_for_tmp
+- mount_option_tmp_nodev
+- mount_option_tmp_noexec
+- mount_option_tmp_nosuid
+- partition_for_var
+- mount_option_var_nodev
+- mount_option_var_nosuid
+- partition_for_var_tmp
+- mount_option_var_tmp_noexec
+- mount_option_var_tmp_nosuid
+- mount_option_var_tmp_nodev
+- partition_for_var_log
+- mount_option_var_log_nodev
+- mount_option_var_log_noexec
+- mount_option_var_log_nosuid
+- partition_for_var_log_audit
+- mount_option_var_log_audit_noexec
+- mount_option_var_log_audit_nodev
+- mount_option_var_log_audit_nosuid
+- partition_for_home
+- mount_option_home_nodev
+- mount_option_home_nosuid
+- partition_for_dev_shm
+- mount_option_dev_shm_nodev
+- mount_option_dev_shm_noexec
+- mount_option_dev_shm_nosuid
+- kernel_module_usb-storage_disabled
+- ensure_gpgcheck_globally_activated
+- package_aide_installed
+- aide_build_database
+- aide_periodic_cron_checking
+- aide_check_audit_tools
+- grub2_password
+- file_groupowner_grub2_cfg
+- file_owner_grub2_cfg
+- file_permissions_grub2_cfg
+- file_groupowner_user_cfg
+- file_owner_user_cfg
+- file_permissions_user_cfg
+- coredump_disable_storage
+- coredump_disable_backtraces
+- sysctl_kernel_randomize_va_space
+- package_libselinux_installed
+- var_selinux_policy_name=targeted
+- selinux_policytype
+- selinux_not_disabled
+- var_selinux_state=enforcing
+- selinux_state
+- grub2_enable_selinux
+- selinux_confinement_of_daemons
+- package_setroubleshoot_removed
+- package_mcstrans_removed
diff --git a/products/ocs23/profiles/enhanced_workstation.profile b/products/ocs23/profiles/enhanced_workstation.profile
new file mode 100755
index 0000000000..1b3f1d6ad8
--- /dev/null
+++ b/products/ocs23/profiles/enhanced_workstation.profile
@@ -0,0 +1,426 @@
+documentation_complete: true
+
+title: 'Enhanced System Security Profile for OpenCloudOS Stream 23 Workstation'
+
+description: |-
+ This profile contains rules to ensure "Enhanced" security baseline of a
+ OpenCloudOS Stream 23 workstation system. Regardless of your system's
+ workload all of these checks should pass.
+
+selections:
+- service_crond_enabled
+- file_groupowner_crontab
+- file_owner_crontab
+- file_permissions_crontab
+- file_groupowner_cron_hourly
+- file_owner_cron_hourly
+- file_permissions_cron_hourly
+- file_groupowner_cron_daily
+- file_owner_cron_daily
+- file_permissions_cron_daily
+- file_groupowner_cron_weekly
+- file_owner_cron_weekly
+- file_permissions_cron_weekly
+- file_groupowner_cron_monthly
+- file_owner_cron_monthly
+- file_permissions_cron_monthly
+- file_groupowner_cron_d
+- file_owner_cron_d
+- file_permissions_cron_d
+- file_cron_deny_not_exist
+- file_groupowner_cron_allow
+- file_owner_cron_allow
+- file_permissions_cron_allow
+- file_at_deny_not_exist
+- file_groupowner_at_allow
+- file_owner_at_allow
+- file_permissions_at_allow
+- accounts_umask_etc_bashrc
+- accounts_umask_etc_login_defs
+- accounts_umask_etc_profile
+- var_accounts_user_umask=027
+- accounts_root_gid_zero
+- accounts_maximum_age_login_defs
+- var_accounts_maximum_age_login_defs=365
+- accounts_password_set_max_life_existing
+- accounts_password_warn_age_login_defs
+- var_accounts_password_warn_age_login_defs=14
+- accounts_password_set_warn_age_existing
+- accounts_minimum_age_login_defs
+- var_accounts_minimum_age_login_defs=1
+- accounts_password_set_min_life_existing
+- account_disable_post_pw_expiration
+- var_account_disable_post_pw_expiration=30
+- accounts_set_post_pw_existing
+- accounts_tmout
+- var_accounts_tmout=15_min
+- accounts_password_last_change_is_in_past
+- no_password_auth_for_systemaccounts
+- no_shelllogin_for_systemaccounts
+- ensure_root_password_configured
+- no_empty_passwords_etc_shadow
+- accounts_password_pam_minclass
+- accounts_password_pam_minlen
+- accounts_password_pam_retry
+- var_password_pam_minclass=4
+- var_password_pam_minlen=12
+- accounts_passwords_pam_faillock_deny
+- var_accounts_passwords_pam_faillock_deny=3
+- accounts_passwords_pam_faillock_unlock_time
+- var_accounts_passwords_pam_faillock_unlock_time=900
+- set_password_hashing_algorithm_systemauth
+- set_password_hashing_algorithm_passwordauth
+- set_password_hashing_algorithm_logindefs
+- var_password_hashing_algorithm=SHA512
+- accounts_password_pam_pwhistory_remember_password_auth
+- accounts_password_pam_pwhistory_remember_system_auth
+- var_password_pam_remember_control_flag=requisite_or_required
+- var_password_pam_remember=5
+- package_sudo_installed
+- sudo_custom_logfile
+- sudo_add_use_pty
+- sudo_require_authentication
+- var_pam_wheel_group_for_su=cis
+- use_pam_wheel_group_for_su
+- ensure_pam_wheel_group_empty
+- sudo_require_reauthentication
+- sudo_require_reauthentication
+- accounts_passwords_pam_faillock_deny
+- package_audit_installed
+- grub2_audit_argument
+- grub2_audit_backlog_limit_argument
+- service_auditd_enabled
+- auditd_data_retention_max_log_file
+- var_auditd_max_log_file=6
+- auditd_data_retention_max_log_file_action
+- var_auditd_max_log_file_action=keep_logs
+- auditd_data_retention_action_mail_acct
+- auditd_data_retention_admin_space_left_action
+- auditd_data_retention_space_left_action
+- var_auditd_action_mail_acct=root
+- var_auditd_admin_space_left_action=halt
+- var_auditd_space_left_action=email
+- audit_rules_sysadmin_actions
+- audit_rules_suid_auid_privilege_function
+- audit_sudo_log_events
+- audit_rules_time_adjtimex
+- audit_rules_time_settimeofday
+- audit_rules_time_clock_settime
+- audit_rules_time_stime
+- audit_rules_time_watch_localtime
+- audit_rules_networkconfig_modification
+- audit_rules_privileged_commands
+- audit_rules_unsuccessful_file_modification_creat
+- audit_rules_unsuccessful_file_modification_ftruncate
+- audit_rules_unsuccessful_file_modification_open
+- audit_rules_unsuccessful_file_modification_openat
+- audit_rules_unsuccessful_file_modification_truncate
+- audit_rules_usergroup_modification_group
+- audit_rules_usergroup_modification_gshadow
+- audit_rules_usergroup_modification_opasswd
+- audit_rules_usergroup_modification_passwd
+- audit_rules_usergroup_modification_shadow
+- audit_rules_dac_modification_chmod
+- audit_rules_dac_modification_chown
+- audit_rules_dac_modification_fchmod
+- audit_rules_dac_modification_fchmodat
+- audit_rules_dac_modification_fchmod
+- audit_rules_dac_modification_fchmodat
+- audit_rules_dac_modification_fchown
+- audit_rules_dac_modification_fchownat
+- audit_rules_dac_modification_fremovexattr
+- audit_rules_dac_modification_fsetxattr
+- audit_rules_dac_modification_lchown
+- audit_rules_dac_modification_lremovexattr
+- audit_rules_dac_modification_lsetxattr
+- audit_rules_dac_modification_removexattr
+- audit_rules_dac_modification_setxattr
+- audit_rules_media_export
+- audit_rules_session_events
+- audit_rules_login_events_faillock
+- audit_rules_login_events_lastlog
+- var_accounts_passwords_pam_faillock_dir=run
+- audit_rules_file_deletion_events_rename
+- audit_rules_file_deletion_events_renameat
+- audit_rules_file_deletion_events_unlink
+- audit_rules_file_deletion_events_unlinkat
+- audit_rules_mac_modification
+- audit_rules_mac_modification_usr_share
+- audit_rules_execution_chcon
+- audit_rules_execution_setfacl
+- audit_rules_execution_chacl
+- audit_rules_privileged_commands_usermod
+- audit_rules_kernel_module_loading_create
+- audit_rules_kernel_module_loading_delete
+- audit_rules_kernel_module_loading_finit
+- audit_rules_kernel_module_loading_init
+- audit_rules_kernel_module_loading_query
+- audit_rules_privileged_commands_kmod
+- audit_rules_immutable
+- file_permissions_var_log_audit
+- file_ownership_var_log_audit_stig
+- file_group_ownership_var_log_audit
+- directory_permissions_var_log_audit
+- file_permissions_audit_configuration
+- file_ownership_audit_configuration
+- file_groupownership_audit_configuration
+- file_permissions_audit_binaries
+- file_ownership_audit_binaries
+- file_groupownership_audit_binaries
+- accounts_password_all_shadowed
+- no_empty_passwords_etc_shadow
+- gid_passwd_group_same
+- account_unique_name
+- group_unique_name
+- account_unique_id
+- group_unique_id
+- accounts_no_uid_except_zero
+- accounts_root_path_dirs_no_write
+- root_path_no_dot
+- accounts_user_interactive_home_directory_exists
+- file_ownership_home_directories
+- file_groupownership_home_directories
+- file_permissions_home_directories
+- accounts_user_dot_no_world_writable_programs
+- no_rsh_trust_files
+- no_forward_files
+- no_netrc_files
+- package_rsyslog_installed
+- service_rsyslog_enabled
+- rsyslog_filecreatemode
+- rsyslog_nolisten
+- journald_forward_to_syslog
+- socket_systemd-journal-remote_disabled
+- sshd_disable_tcp_forwarding
+- service_systemd-journald_enabled
+- journald_compress
+- journald_storage
+- rsyslog_files_groupownership
+- file_groupowner_sshd_config
+- file_owner_sshd_config
+- file_permissions_sshd_config
+- sshd_limit_user_access
+- sshd_set_loglevel_verbose
+- sshd_disable_root_login
+- sshd_enable_pam
+- package_avahi_removed
+- sshd_disable_empty_passwords
+- disable_host_auth
+- sshd_disable_x11_forwarding
+- sshd_disable_rhosts
+- file_permissions_sshd_pub_key
+- file_ownership_sshd_pub_key
+- file_groupownership_sshd_pub_key
+- file_permissions_sshd_private_key
+- file_ownership_sshd_private_key
+- file_groupownership_sshd_private_key
+- configure_ssh_crypto_policy
+- sshd_enable_warning_banner_net
+- sshd_max_auth_tries_value=3
+- sshd_set_max_auth_tries
+- sshd_set_max_sessions
+- var_sshd_max_sessions=10
+- sshd_set_maxstartups
+- var_sshd_set_maxstartups=10:30:60
+- sshd_set_login_grace_time
+- var_sshd_set_login_grace_time=60
+- sshd_idle_timeout_value=15_minutes
+- sshd_set_idle_timeout
+- sshd_set_keepalive
+- var_sshd_set_keepalive=0
+- sshd_do_not_permit_user_env
+- package_chrony_installed
+- chronyd_specify_remote_server
+- chronyd_run_as_chrony_user
+- var_multiple_time_servers=rhel
+- package_cups_removed
+- package_tftp-server_removed
+- package_bind_removed
+- package_openldap-servers_removed
+- package_vsftpd_removed
+- package_dhcp_removed
+- package_httpd_removed
+- package_nginx_removed
+- package_samba_removed
+- package_net-snmp_removed
+- file_owner_etc_shadow
+- file_groupowner_etc_shadow
+- file_permissions_etc_shadow
+- package_squid_removed
+- package_dnsmasq_removed
+- package_telnet-server_removed
+- package_dovecot_removed
+- package_cyrus-imapd_removed
+- postfix_network_listening_disabled
+- var_postfix_inet_interfaces=loopback-only
+- has_nonlocal_mta
+- service_nfs_disabled
+- service_rpcbind_disabled
+- package_rsync_removed
+- package_telnet_removed
+- package_tftp_removed
+- package_ftp_removed
+- package_openldap-clients_removed
+- file_groupowner_etc_passwd
+- file_owner_etc_passwd
+- file_permissions_etc_passwd
+- file_groupowner_backup_etc_passwd
+- file_owner_backup_etc_passwd
+- file_permissions_backup_etc_passwd
+- file_groupowner_etc_group
+- file_owner_etc_group
+- file_permissions_etc_group
+- file_groupowner_backup_etc_group
+- file_owner_backup_etc_group
+- file_permissions_backup_etc_group
+- file_groupowner_backup_etc_shadow
+- file_owner_backup_etc_shadow
+- file_permissions_backup_etc_shadow
+- file_groupowner_etc_gshadow
+- file_owner_etc_gshadow
+- file_permissions_etc_gshadow
+- file_groupowner_backup_etc_gshadow
+- file_owner_backup_etc_gshadow
+- file_permissions_backup_etc_gshadow
+- file_permissions_unauthorized_world_writable
+- no_files_unowned_by_user
+- file_permissions_ungroupowned
+- dir_perms_world_writable_sticky_bits
+- sysctl_net_ipv4_ip_forward
+- sysctl_net_ipv6_conf_all_forwarding
+- sysctl_net_ipv6_conf_all_forwarding_value=disabled
+- sysctl_net_ipv4_conf_all_send_redirects
+- sysctl_net_ipv4_conf_default_send_redirects
+- sysctl_net_ipv4_conf_all_accept_source_route
+- sysctl_net_ipv4_conf_all_accept_source_route_value=disabled
+- sysctl_net_ipv4_conf_default_accept_source_route
+- sysctl_net_ipv4_conf_default_accept_source_route_value=disabled
+- sysctl_net_ipv6_conf_all_accept_source_route
+- sysctl_net_ipv6_conf_all_accept_source_route_value=disabled
+- sysctl_net_ipv6_conf_default_accept_source_route
+- sysctl_net_ipv6_conf_default_accept_source_route_value=disabled
+- sysctl_net_ipv4_conf_all_accept_redirects
+- sysctl_net_ipv4_conf_all_accept_redirects_value=disabled
+- sysctl_net_ipv4_conf_default_accept_redirects
+- sysctl_net_ipv4_conf_default_accept_redirects_value=disabled
+- sysctl_net_ipv6_conf_all_accept_redirects
+- sysctl_net_ipv6_conf_all_accept_redirects_value=disabled
+- sysctl_net_ipv6_conf_default_accept_redirects
+- sysctl_net_ipv6_conf_default_accept_redirects_value=disabled
+- sysctl_net_ipv4_conf_all_secure_redirects
+- sysctl_net_ipv4_conf_all_secure_redirects_value=disabled
+- sysctl_net_ipv4_conf_default_secure_redirects
+- sysctl_net_ipv4_conf_default_secure_redirects_value=disabled
+- sysctl_net_ipv4_conf_all_log_martians
+- sysctl_net_ipv4_conf_all_log_martians_value=enabled
+- sysctl_net_ipv4_conf_default_log_martians
+- sysctl_net_ipv4_conf_default_log_martians_value=enabled
+- sysctl_net_ipv4_icmp_echo_ignore_broadcasts
+- sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value=enabled
+- sysctl_net_ipv4_icmp_ignore_bogus_error_responses
+- sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value=enabled
+- sysctl_net_ipv4_conf_all_rp_filter
+- sysctl_net_ipv4_conf_all_rp_filter_value=enabled
+- sysctl_net_ipv4_conf_default_rp_filter
+- sysctl_net_ipv4_conf_default_rp_filter_value=enabled
+- sysctl_net_ipv4_tcp_syncookies
+- sysctl_net_ipv4_tcp_syncookies_value=enabled
+- sysctl_net_ipv6_conf_all_accept_ra
+- sysctl_net_ipv6_conf_all_accept_ra_value=disabled
+- sysctl_net_ipv6_conf_default_accept_ra
+- sysctl_net_ipv6_conf_default_accept_ra_value=disabled
+- package_nftables_installed
+- service_firewalld_enabled
+- service_nftables_disabled
+- set_firewalld_default_zone
+- firewalld_loopback_traffic_trusted
+- firewalld_loopback_traffic_restricted
+- banner_etc_motd
+- motd_banner_text=cis_banners
+- banner_etc_issue
+- login_banner_text=cis_banners
+- banner_etc_issue_net
+- remote_login_banner_text=cis_banners
+- file_groupowner_etc_motd
+- file_owner_etc_motd
+- file_permissions_etc_motd
+- file_groupowner_etc_issue
+- file_owner_etc_issue
+- file_permissions_etc_issue
+- file_groupowner_etc_issue_net
+- file_owner_etc_issue_net
+- file_permissions_etc_issue_net
+- dconf_gnome_banner_enabled
+- dconf_gnome_login_banner_text
+- login_banner_text=cis_default
+- dconf_gnome_disable_user_list
+- dconf_gnome_screensaver_idle_delay
+- dconf_gnome_screensaver_lock_delay
+- inactivity_timeout_value=15_minutes
+- var_screensaver_lock_delay=5_seconds
+- dconf_gnome_session_idle_user_locks
+- dconf_gnome_screensaver_user_locks
+- dconf_gnome_disable_automount
+- dconf_gnome_disable_automount_open
+- dconf_gnome_disable_automount
+- dconf_gnome_disable_automount_open
+- dconf_gnome_disable_autorun
+- dconf_gnome_disable_autorun
+- gnome_gdm_disable_xdmcp
+- configure_crypto_policy
+- var_system_crypto_policy=default_policy
+- kernel_module_squashfs_disabled
+- kernel_module_cramfs_disabled
+- kernel_module_squashfs_disabled
+- partition_for_tmp
+- mount_option_tmp_nodev
+- mount_option_tmp_noexec
+- mount_option_tmp_nosuid
+- partition_for_var
+- mount_option_var_nodev
+- mount_option_var_nosuid
+- partition_for_var_tmp
+- mount_option_var_tmp_noexec
+- mount_option_var_tmp_nosuid
+- mount_option_var_tmp_nodev
+- partition_for_var_log
+- mount_option_var_log_nodev
+- mount_option_var_log_noexec
+- mount_option_var_log_nosuid
+- partition_for_var_log_audit
+- mount_option_var_log_audit_noexec
+- mount_option_var_log_audit_nodev
+- mount_option_var_log_audit_nosuid
+- partition_for_home
+- mount_option_home_nodev
+- mount_option_home_nosuid
+- partition_for_dev_shm
+- mount_option_dev_shm_nodev
+- mount_option_dev_shm_noexec
+- mount_option_dev_shm_nosuid
+- kernel_module_usb-storage_disabled
+- ensure_gpgcheck_globally_activated
+- package_aide_installed
+- aide_build_database
+- aide_periodic_cron_checking
+- aide_check_audit_tools
+- grub2_password
+- file_groupowner_grub2_cfg
+- file_owner_grub2_cfg
+- file_permissions_grub2_cfg
+- file_groupowner_user_cfg
+- file_owner_user_cfg
+- file_permissions_user_cfg
+- coredump_disable_storage
+- coredump_disable_backtraces
+- sysctl_kernel_randomize_va_space
+- package_libselinux_installed
+- var_selinux_policy_name=targeted
+- selinux_policytype
+- selinux_not_disabled
+- var_selinux_state=enforcing
+- selinux_state
+- grub2_enable_selinux
+- selinux_confinement_of_daemons
+- package_setroubleshoot_removed
+- package_mcstrans_removed
diff --git a/products/ocs23/transforms/constants.xslt b/products/ocs23/transforms/constants.xslt
new file mode 100755
index 0000000000..d794b700dd
--- /dev/null
+++ b/products/ocs23/transforms/constants.xslt
@@ -0,0 +1,12 @@
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+
+<xsl:include href="../../../shared/transforms/shared_constants.xslt"/>
+
+<xsl:variable name="product_long_name">OpenCloudOS Stream 23</xsl:variable>
+<xsl:variable name="product_short_name">ocs23</xsl:variable>
+<xsl:variable name="product_stig_id_name">empty</xsl:variable>
+<xsl:variable name="prod_type">ocs23</xsl:variable>
+
+
+
+</xsl:stylesheet>
diff --git a/products/ocs23/transforms/table-style.xslt b/products/ocs23/transforms/table-style.xslt
new file mode 100644
index 0000000000..8b6caeab8c
--- /dev/null
+++ b/products/ocs23/transforms/table-style.xslt
@@ -0,0 +1,5 @@
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+
+<xsl:import href="../../../shared/transforms/shared_table-style.xslt"/>
+
+</xsl:stylesheet>
diff --git a/products/ocs23/transforms/xccdf2table-cce.xslt b/products/ocs23/transforms/xccdf2table-cce.xslt
new file mode 100644
index 0000000000..f156a66956
--- /dev/null
+++ b/products/ocs23/transforms/xccdf2table-cce.xslt
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:cce="http://cce.mitre.org" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cdf="http://checklists.nist.gov/xccdf/1.1" xmlns:xhtml="http://www.w3.org/1999/xhtml">
+
+<xsl:import href="../../../shared/transforms/shared_xccdf2table-cce.xslt"/>
+
+<xsl:include href="constants.xslt"/>
+<xsl:include href="table-style.xslt"/>
+
+</xsl:stylesheet>
diff --git a/products/ocs23/transforms/xccdf2table-profileccirefs.xslt b/products/ocs23/transforms/xccdf2table-profileccirefs.xslt
new file mode 100644
index 0000000000..30419e92b2
--- /dev/null
+++ b/products/ocs23/transforms/xccdf2table-profileccirefs.xslt
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cdf="http://checklists.nist.gov/xccdf/1.1" xmlns:cci="https://public.cyber.mil/stigs/cci" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:ovalns="http://oval.mitre.org/XMLSchema/oval-definitions-5">
+
+<xsl:import href="../../../shared/transforms/shared_xccdf2table-profileccirefs.xslt"/>
+
+<xsl:include href="constants.xslt"/>
+<xsl:include href="table-style.xslt"/>
+
+</xsl:stylesheet>
diff --git a/shared/checks/oval/installed_OS_is_ocs23.xml b/shared/checks/oval/installed_OS_is_ocs23.xml
new file mode 100755
index 0000000000..a4969cc8cb
--- /dev/null
+++ b/shared/checks/oval/installed_OS_is_ocs23.xml
@@ -0,0 +1,28 @@
+<def-group>
+ <definition class="inventory" id="installed_OS_is_ocs23" version="3">
+ <metadata>
+ <title>OpenCloudOS Stream 23</title>
+ <affected family="unix">
+ <platform>multi_platform_all</platform>
+ </affected>
+ <reference ref_id="cpe:/o:ocs:ocs:23" source="CPE" />
+ <description>The operating system installed on the system is OpenCloudOS Stream 23</description>
+ </metadata>
+ <criteria comment="current OS is 23" operator="AND">
+ <extend_definition comment="Installed OS is part of the Unix family" definition_ref="installed_OS_is_part_of_Unix_family" />
+ <criterion comment="OpenCloudOS Stream 23 is installed" test_ref="test_ocs23" />
+ </criteria>
+ </definition>
+
+ <linux:rpminfo_test check="all" check_existence="at_least_one_exists" comment="opencloudos-release is version 23" id="test_ocs23" version="1">
+ <linux:object object_ref="obj_ocs23" />
+ <linux:state state_ref="state_ocs23" />
+ </linux:rpminfo_test>
+ <linux:rpminfo_state id="state_ocs23" version="1">
+ <linux:version operation="pattern match">^23.*$</linux:version>
+ </linux:rpminfo_state>
+ <linux:rpminfo_object id="obj_ocs23" version="1">
+ <linux:name>opencloudos-stream-release</linux:name>
+ </linux:rpminfo_object>
+
+</def-group>
diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
index 4f22df262c..325ab4e199 100644
--- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
+++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
@@ -10,6 +10,7 @@
<platform>multi_platform_fedora</platform>
<platform>multi_platform_openembedded</platform>
<platform>multi_platform_opensuse</platform>
+ <platform>multi_platform_ocs</platform>
<platform>multi_platform_ol</platform>
<platform>multi_platform_rhcos</platform>
<platform>multi_platform_rhel</platform>
diff --git a/ssg/constants.py b/ssg/constants.py
index ed6fc95f8f..d09f691f59 100644
--- a/ssg/constants.py
+++ b/ssg/constants.py
@@ -49,6 +49,7 @@ product_directories = [
'firefox',
'macos1015',
'ocp4',
+ 'ocs23',
'rhcos4',
'ol7', 'ol8', 'ol9',
'opensuse',
@@ -207,6 +208,7 @@ FULL_NAME_TO_PRODUCT_MAPPING = {
"Firefox": "firefox",
"Apple macOS 10.15": "macos1015",
"Red Hat OpenShift Container Platform 4": "ocp4",
+ "OpenCloudOS Stream 23": "ocs23",
"Red Hat Enterprise Linux CoreOS 4": "rhcos4",
"Oracle Linux 7": "ol7",
"Oracle Linux 8": "ol8",
@@ -274,7 +276,7 @@ REFERENCES = dict(
MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
- "opensuse", "sle", "ol", "ocp", "rhcos",
+ "opensuse", "sle", "ol", "ocp", "ocs", "rhcos",
"example", "eks", "alinux", "uos", "anolis", "openembedded"]
MULTI_PLATFORM_MAPPING = {
@@ -287,6 +289,7 @@ MULTI_PLATFORM_MAPPING = {
"multi_platform_opensuse": ["opensuse"],
"multi_platform_ol": ["ol7", "ol8", "ol9"],
"multi_platform_ocp": ["ocp4"],
+ "multi_platform_ocs": ["ocs23"],
"multi_platform_rhcos": ["rhcos4"],
"multi_platform_rhel": ["rhel7", "rhel8", "rhel9"],
"multi_platform_rhv": ["rhv4"],
@@ -461,6 +464,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = {
'example': 'Example',
'ol': 'Oracle Linux',
'ocp': 'Red Hat OpenShift Container Platform',
+ 'ocs': 'OpenCloudOS Stream',
'rhcos': 'Red Hat Enterprise Linux CoreOS',
'eks': 'Amazon Elastic Kubernetes Service',
'openembedded': 'OpenEmbedded',
--
2.41.0
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手