{"results":[{"id":"idm-complete-identity-stack","text":"IdM provides a unified identity management stack bundling 389 Directory Server (LDAP), MIT Kerberos KDC, Dogtag CA, and SSSD into a single integrated platform with centralized user/group/host/policy management.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"idm-cross-platform-identity-provider","text":"IdM can serve as the enterprise identity provider for any Linux distribution in the data center, providing unified LDAP/Kerberos/CA/SSSD services with AD cross-forest trust integration.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-application-runtime-platform","text":"RHEL 9 provides a managed application runtime platform with relational databases (MariaDB/MySQL/PostgreSQL via AppStream module streams), a controlled Python ecosystem (venv isolation, AppStream version selection, platform-python reserved), and RPM packaging tools for custom software distribution.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-coordinated-platform-evolution","text":"RHEL 9 evolves the OS foundation (security patches, minor releases, Leapp major upgrades, rpm-ostree atomic updates) and application layer (deprecation-driven networking/virtualization/container modernization with AppStream versioning) as a coordinated platform evolution strategy.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-dual-workload-isolation-platform","text":"RHEL 9 provides dual workload isolation with distinct security models: virtual machines via the managed KVM/QEMU/libvirt stack with Cockpit web management and hardware-level isolation, and containers via Podman with MCS-enforced category-based separation where each container receives unique SELinux categories enforced after DAC and Type Enforcement.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-identity-governed-defense-across-lifecycle-and-stack","text":"RHEL 9 is a unified security platform where identity governance spans both the temporal dimension (provisioning, day-2 operations, compliance monitoring) and the spatial dimension (hardware CPU mitigations through mandatory access controls to cryptographic data protection), making every security layer at every lifecycle phase identity-authenticated and auditable.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-identity-governed-secure-lifecycle","text":"RHEL 9 is an identity-governed secure lifecycle platform where every phase — provisioning, day-2 operations, compliance monitoring — is both security-hardened by default and controlled by a unified identity ecosystem (IdM/AD with Kerberos authentication), ensuring authenticated attribution from image creation through audit trail.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-managed-application-workload-infrastructure","text":"RHEL 9 provides fully managed application workload infrastructure combining compute (KVM/QEMU/libvirt with Cockpit management), encrypted storage (LVM three-layer abstraction with LUKS2/NBDE automated decryption), and application runtimes (relational databases via AppStream, managed Python ecosystem, RPM packaging lifecycle) into a single integrated platform.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-managed-database-platform","text":"RHEL 9 provides a managed relational database platform: three supported RDBMS (MariaDB, MySQL, PostgreSQL) delivered via AppStream repository module streams for version selection, with standardized default ports (3306 for MariaDB/MySQL, 5432 for PostgreSQL).","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-modernizing-application-platform","text":"RHEL 9 application platform is actively modernizing: runtime infrastructure (databases via AppStream streams, managed Python ecosystem, RPM packaging lifecycle) evolves in parallel with systematic deprecation of legacy components (ifcfg, iptables, teaming, cgroups v1, monolithic libvirtd) driving migration to modern replacements.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-multi-architecture-hardened-platform","text":"RHEL 9 delivers a security-hardened platform across four supported architectures (x86-64, ARM, POWER, Z) with per-architecture CPU minimums and separate subscription requirements, sharing common defense-in-depth defaults (SELinux enforcing, firewalld active, SHA-1 disabled, system-wide crypto policies) though per-architecture differences exist in kernel configuration.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-multi-architecture-platform-requirements","text":"RHEL 9 supports four architectures with per-architecture minimum CPU microarchitecture versions, separate subscription requirements, and architecture-specific kernel configurations (e.g., 4k page size default on ARM).","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-platform-python-internal","text":"`/usr/libexec/platform-python` is a minimal internal Python for system tools and is not intended for user use.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-python-managed-ecosystem","text":"RHEL 9 provides a managed Python ecosystem: Python 3 only (no Python 2), internal platform-python reserved for system tools, /usr/bin/python symlink via dedicated package, and additional versions available from AppStream.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-resilient-compute-platform","text":"RHEL 9 provides resilient compute infrastructure by combining the managed KVM/QEMU/libvirt virtualization stack (with Cockpit web management and virsh CLI) and Pacemaker/Corosync HA clustering with mandatory STONITH fencing and pcs-managed service lifecycle.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-security-integrated-lifecycle-platform","text":"RHEL 9 integrates security into every lifecycle phase: provisioning (Image Builder/Kickstart produce systems with hardened defaults), day-2 operations (DNF security updates, advisory-driven patching, audit/AIDE/OpenSCAP compliance verification), and upgrade paths (Leapp/bootc preserve security posture) — all governed by defense-in-depth controls, identity-based access, and system-wide crypto policies.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-security-preserving-platform-evolution","text":"RHEL 9 evolves its platform (deprecation modernization, minor release cadence, Leapp major upgrades, rpm-ostree atomic updates) while maintaining security integration at every lifecycle phase (provisioning through compliance monitoring), ensuring that modernization never creates security gaps — deprecated components are replaced by more secure alternatives, and new versions inherit the defense-in-depth posture.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-systemd-native-isolated-container-platform","text":"RHEL 9 provides a systemd-native container platform where Podman containers are managed declaratively via Quadlet unit files with modernized infrastructure (SQLite backend, Netavark networking) and per-container MCS security isolation enforced by SELinux, enabling containers to be first-class systemd citizens with mandatory access control.","truth_value":"OUT","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"rhel9-virtualization-platform","text":"RHEL 9 provides a complete virtualization platform: KVM as the kernel-level hypervisor, QEMU for device emulation, libvirt as the management API/daemon, with multiple management interfaces (virsh CLI, virt-install for VM creation, Cockpit web console on port 9090).","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null}],"count":19,"limit":20,"offset":0}