Add var_accounts_tmout variable definition for PCI profile

teacup-on-rockingchair · teacup-on-rockingchair · commit dfd5a13c9af6 · 2023-12-10T17:31:32.000+02:00
diff --git a/products/sle12/profiles/pci-dss-4.profile b/products/sle12/profiles/pci-dss-4.profile
@@ -14,7 +14,8 @@ description: |-
 selections:
     -  pcidss_3:all:base
     -  var_multiple_time_servers=suse
-    -  var_multiple_time_pools=suse      
+    -  var_multiple_time_pools=suse
+    -  var_accounts_tmout=15_min
     -  account_unique_id
     -  coredump_disable_backtraces
     -  coredump_disable_storage
diff --git a/products/sle15/profiles/pci-dss-4.profile b/products/sle15/profiles/pci-dss-4.profile
@@ -16,10 +16,10 @@ selections:
     -  ensure_pam_wheel_group_empty
     -  sshd_strong_kex=pcidss
     -  sshd_approved_macs=cis_sle15
-    -  sshd_approved_ciphers=cis_sle15 
+    -  sshd_approved_ciphers=cis_sle15
     -  var_multiple_time_servers=suse
-    -  var_multiple_time_pools=suse      
-# Exclude from PCI DISS profile all rules related to ntp and timesyncd and keep only 
+    -  var_multiple_time_pools=suse
+# Exclude from PCI DISS profile all rules related to ntp and timesyncd and keep only
 # rules related to chrony
     - '!ntpd_specify_multiple_servers'
     - '!ntpd_specify_remote_server'
@@ -30,3 +30,4 @@ selections:
     - '!use_pam_wheel_for_su'
     -  use_pam_wheel_group_for_su
     -  var_pam_wheel_group_for_su=cis
+    -  var_accounts_tmout=15_min
