From d327c56fb1d051170e5dba55c4a183c929278188 Mon Sep 17 00:00:00 2001
From: Bob Gendler <robert.gendler@nist.gov>
Date: Wed, 29 Dec 2021 14:30:50 -0500
Subject: [PATCH 1/4] sysprefs_printer_sharing_disable added

---
 rules/cis_lvl1.txt                            |  1 -
 .../sysprefs_printer_sharing_disable.yaml     | 52 +++++++++++++++++++
 2 files changed, 52 insertions(+), 1 deletion(-)
 create mode 100644 rules/sysprefs/sysprefs_printer_sharing_disable.yaml

diff --git a/rules/cis_lvl1.txt b/rules/cis_lvl1.txt
index 99b040cf..b147c38a 100644
--- a/rules/cis_lvl1.txt
+++ b/rules/cis_lvl1.txt
@@ -6,7 +6,6 @@ Recommendation #	Title
 	Desktop & Screen Saver
 2.3.3	Audit Lock Screen and Start Screen Saver Tools
 	Sharing
-2.4.4	Ensure Printer Sharing Is Disabled
 2.4.6	Ensure DVD or CD Sharing Is Disabled
 2.4.9	Ensure Remote Management Is Disabled
 	Security & Privacy
diff --git a/rules/sysprefs/sysprefs_printer_sharing_disable.yaml b/rules/sysprefs/sysprefs_printer_sharing_disable.yaml
new file mode 100644
index 00000000..fc449c8b
--- /dev/null
+++ b/rules/sysprefs/sysprefs_printer_sharing_disable.yaml
@@ -0,0 +1,52 @@
+id: sysprefs_printer_sharing_disable
+title: "Disable Printer Sharing"
+discussion: |
+  Printer Sharing _MUST_ be disabled. 
+check: |
+  /usr/sbin/cupsctl | /usr/bin/grep -c "_share_printers=0"
+result:
+  boolean: 1
+fix: |
+  [source,bash]
+  ----
+  /usr/sbin/cupsctl --no-share-printers
+  /usr/bin/lpstat -p | awk '{print $2}'| /usr/bin/xargs -I{} lpadmin -p {} -o printer-is-shared=false
+  ----
+references:
+  cce:
+    - N/A
+  cci: 
+    - N/A
+  800-53r5:
+    - CM-7
+    - CM-7(1)
+  800-53r4: 
+    - CM-7
+    - CM-7(1)
+  srg:
+    - N/A
+  disa_stig: 
+    - N/A
+  800-171r2:
+    - N/A
+  cis:
+    benchmark: 
+      - 2.4.4 (level 1)
+    cisv8:
+      - 4.1
+      - 4.8
+macOS:
+  - "12.0"
+tags:
+  - 800-53r5_low
+  - 800-53r5_moderate
+  - 800-53r5_high
+  - 800-53r4_low
+  - 800-53r4_moderate
+  - 800-53r4_high
+  - cis_lvl1
+  - cis_lvl2
+  - cisv8
+mobileconfig: false
+mobileconfig_info:
+

From c5480f36cb8f1566f01128b1d472ac4e19b2a075 Mon Sep 17 00:00:00 2001
From: Bob Gendler <robert.gendler@nist.gov>
Date: Wed, 29 Dec 2021 15:33:11 -0500
Subject: [PATCH 2/4] sysprefs_cd_dvd_sharing_disable

---
 rules/cis_lvl1.txt                            |  1 -
 .../sysprefs_cd_dvd_sharing_disable.yaml      | 53 +++++++++++++++++++
 2 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml

diff --git a/rules/cis_lvl1.txt b/rules/cis_lvl1.txt
index b147c38a..2affd56a 100644
--- a/rules/cis_lvl1.txt
+++ b/rules/cis_lvl1.txt
@@ -6,7 +6,6 @@ Recommendation #	Title
 	Desktop & Screen Saver
 2.3.3	Audit Lock Screen and Start Screen Saver Tools
 	Sharing
-2.4.6	Ensure DVD or CD Sharing Is Disabled
 2.4.9	Ensure Remote Management Is Disabled
 	Security & Privacy
 	Encryption
diff --git a/rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml b/rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml
new file mode 100644
index 00000000..1052b408
--- /dev/null
+++ b/rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml
@@ -0,0 +1,53 @@
+id: sysprefs_cd_dvd_sharing_disable
+title: "Disable CD/DVD Sharing"
+discussion: |
+  CD/DVD Sharing _MUST_ be disabled. 
+check: |
+  /usr/bin/pgrep -q ODSAgent; /bin/echo $?
+result:
+  integer: 1
+fix: |
+  [source,bash]
+  ----
+  /bin/launchctl unload /System/Library/LaunchDaemons/com.apple.ODSAgent.plist
+  ----
+references:
+  cce:
+    - N/A
+  cci: 
+    - N/A
+  800-53r5:
+    - CM-7
+    - CM-7(1)
+  800-53r4: 
+    - CM-7
+    - CM-7(1)
+  srg:
+    - N/A
+  disa_stig: 
+    - N/A
+  800-171r2:
+    - N/A
+  cis:
+    benchmark: 
+      - 2.4.6 (level 1)
+    v8:
+      - 4.1
+      - 4.8
+macOS:
+  - "12.0"
+tags:
+  - 800-53r5_low
+  - 800-53r5_moderate
+  - 800-53r5_high
+  - 800-53r4_low
+  - 800-53r4_moderate
+  - 800-53r4_high
+  - 800-171
+  - cnssi-1253
+  - cis_lvl1
+  - cis_lvl2
+  - cisv8
+mobileconfig: false
+mobileconfig_info:
+

From 155037c4fa9d1313818099c5e8fa216f749580a6 Mon Sep 17 00:00:00 2001
From: Bob Gendler <robert.gendler@nist.gov>
Date: Wed, 29 Dec 2021 15:33:28 -0500
Subject: [PATCH 3/4] updated references

---
 rules/sysprefs/sysprefs_printer_sharing_disable.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/sysprefs/sysprefs_printer_sharing_disable.yaml b/rules/sysprefs/sysprefs_printer_sharing_disable.yaml
index fc449c8b..dcc3b588 100644
--- a/rules/sysprefs/sysprefs_printer_sharing_disable.yaml
+++ b/rules/sysprefs/sysprefs_printer_sharing_disable.yaml
@@ -32,7 +32,7 @@ references:
   cis:
     benchmark: 
       - 2.4.4 (level 1)
-    cisv8:
+    v8:
       - 4.1
       - 4.8
 macOS:

From 6450e89ad0fb1bf59bf0e758a35fc55c0f70752c Mon Sep 17 00:00:00 2001
From: Bob Gendler <robert.gendler@nist.gov>
Date: Wed, 29 Dec 2021 15:33:55 -0500
Subject: [PATCH 4/4] updated references

---
 rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml b/rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml
index 1052b408..4a5feff6 100644
--- a/rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml
+++ b/rules/sysprefs/sysprefs_cd_dvd_sharing_disable.yaml
@@ -43,7 +43,6 @@ tags:
   - 800-53r4_low
   - 800-53r4_moderate
   - 800-53r4_high
-  - 800-171
   - cnssi-1253
   - cis_lvl1
   - cis_lvl2