142 lines
8.2 KiB
Diff
142 lines
8.2 KiB
Diff
|
From a6bd844c52ccadae91ebcb7c252cf4a153522776 Mon Sep 17 00:00:00 2001
|
||
|
From: Matej Tyc <matyc@redhat.com>
|
||
|
Date: Wed, 30 Jun 2021 15:10:13 +0200
|
||
|
Subject: [PATCH] Enable templates for RHEL9.
|
||
|
|
||
|
Concerned templates are low-level, underlying components are stable.
|
||
|
---
|
||
|
shared/templates/audit_rules_file_deletion_events/bash.template | 2 +-
|
||
|
shared/templates/audit_rules_login_events/bash.template | 2 +-
|
||
|
shared/templates/audit_rules_path_syscall/bash.template | 2 +-
|
||
|
shared/templates/audit_rules_privileged_commands/bash.template | 2 +-
|
||
|
.../audit_rules_unsuccessful_file_modification/bash.template | 2 +-
|
||
|
shared/templates/grub2_bootloader_argument/bash.template | 2 +-
|
||
|
shared/templates/kernel_module_disabled/ansible.template | 2 +-
|
||
|
shared/templates/mount/anaconda.template | 2 +-
|
||
|
shared/templates/mount_option/anaconda.template | 2 +-
|
||
|
.../mount_option_removable_partitions/anaconda.template | 2 +-
|
||
|
shared/templates/zipl_bls_entries_option/ansible.template | 2 +-
|
||
|
shared/templates/zipl_bls_entries_option/bash.template | 2 +-
|
||
|
12 files changed, 12 insertions(+), 12 deletions(-)
|
||
|
|
||
|
diff --git a/shared/templates/audit_rules_file_deletion_events/bash.template b/shared/templates/audit_rules_file_deletion_events/bash.template
|
||
|
index c387624cfb..851b0fd43e 100644
|
||
|
--- a/shared/templates/audit_rules_file_deletion_events/bash.template
|
||
|
+++ b/shared/templates/audit_rules_file_deletion_events/bash.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
|
||
|
# Include source function library.
|
||
|
. /usr/share/scap-security-guide/remediation_functions
|
||
|
diff --git a/shared/templates/audit_rules_login_events/bash.template b/shared/templates/audit_rules_login_events/bash.template
|
||
|
index 065e8bb288..69e8be9c50 100644
|
||
|
--- a/shared/templates/audit_rules_login_events/bash.template
|
||
|
+++ b/shared/templates/audit_rules_login_events/bash.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
|
||
|
# Include source function library.
|
||
|
. /usr/share/scap-security-guide/remediation_functions
|
||
|
diff --git a/shared/templates/audit_rules_path_syscall/bash.template b/shared/templates/audit_rules_path_syscall/bash.template
|
||
|
index c3d31aade9..656d168ddd 100644
|
||
|
--- a/shared/templates/audit_rules_path_syscall/bash.template
|
||
|
+++ b/shared/templates/audit_rules_path_syscall/bash.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
|
||
|
# Include source function library.
|
||
|
. /usr/share/scap-security-guide/remediation_functions
|
||
|
diff --git a/shared/templates/audit_rules_privileged_commands/bash.template b/shared/templates/audit_rules_privileged_commands/bash.template
|
||
|
index 42e12671ac..85dbc9b828 100644
|
||
|
--- a/shared/templates/audit_rules_privileged_commands/bash.template
|
||
|
+++ b/shared/templates/audit_rules_privileged_commands/bash.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
|
||
|
# Include source function library.
|
||
|
. /usr/share/scap-security-guide/remediation_functions
|
||
|
diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
|
||
|
index e89ac0749c..daf146f7eb 100644
|
||
|
--- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
|
||
|
+++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
|
||
|
# Include source function library.
|
||
|
. /usr/share/scap-security-guide/remediation_functions
|
||
|
diff --git a/shared/templates/grub2_bootloader_argument/bash.template b/shared/templates/grub2_bootloader_argument/bash.template
|
||
|
index bac84526ee..965fe5bac0 100644
|
||
|
--- a/shared/templates/grub2_bootloader_argument/bash.template
|
||
|
+++ b/shared/templates/grub2_bootloader_argument/bash.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
|
||
|
{{% if product in ["rhel7", "ol7"] %}}
|
||
|
{{% if '/' in ARG_NAME %}}
|
||
|
diff --git a/shared/templates/kernel_module_disabled/ansible.template b/shared/templates/kernel_module_disabled/ansible.template
|
||
|
index 72f7ae18bf..2526baf737 100644
|
||
|
--- a/shared/templates/kernel_module_disabled/ansible.template
|
||
|
+++ b/shared/templates/kernel_module_disabled/ansible.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
|
||
|
# reboot = true
|
||
|
# strategy = disable
|
||
|
# complexity = low
|
||
|
diff --git a/shared/templates/mount/anaconda.template b/shared/templates/mount/anaconda.template
|
||
|
index 5093c926da..fdcb4ee3e8 100644
|
||
|
--- a/shared/templates/mount/anaconda.template
|
||
|
+++ b/shared/templates/mount/anaconda.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
# reboot = false
|
||
|
# strategy = enable
|
||
|
# complexity = low
|
||
|
diff --git a/shared/templates/mount_option/anaconda.template b/shared/templates/mount_option/anaconda.template
|
||
|
index 0a54865e12..083b0ef008 100644
|
||
|
--- a/shared/templates/mount_option/anaconda.template
|
||
|
+++ b/shared/templates/mount_option/anaconda.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
# reboot = false
|
||
|
# strategy = enable
|
||
|
# complexity = low
|
||
|
diff --git a/shared/templates/mount_option_removable_partitions/anaconda.template b/shared/templates/mount_option_removable_partitions/anaconda.template
|
||
|
index b4510ae804..8665fb913a 100644
|
||
|
--- a/shared/templates/mount_option_removable_partitions/anaconda.template
|
||
|
+++ b/shared/templates/mount_option_removable_partitions/anaconda.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
|
||
|
# reboot = false
|
||
|
# strategy = enable
|
||
|
# complexity = low
|
||
|
diff --git a/shared/templates/zipl_bls_entries_option/ansible.template b/shared/templates/zipl_bls_entries_option/ansible.template
|
||
|
index 7e73d391de..336775e4f8 100644
|
||
|
--- a/shared/templates/zipl_bls_entries_option/ansible.template
|
||
|
+++ b/shared/templates/zipl_bls_entries_option/ansible.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 8
|
||
|
+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
|
||
|
# reboot = true
|
||
|
# strategy = configure
|
||
|
# complexity = medium
|
||
|
diff --git a/shared/templates/zipl_bls_entries_option/bash.template b/shared/templates/zipl_bls_entries_option/bash.template
|
||
|
index 81bbb7884b..25cd7432c9 100644
|
||
|
--- a/shared/templates/zipl_bls_entries_option/bash.template
|
||
|
+++ b/shared/templates/zipl_bls_entries_option/bash.template
|
||
|
@@ -1,4 +1,4 @@
|
||
|
-# platform = Red Hat Enterprise Linux 8
|
||
|
+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
|
||
|
|
||
|
# Correct BLS option using grubby, which is a thin wrapper around BLS operations
|
||
|
grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}"
|