From 21124e8524967788d4c95d47dd41259a0c7f958c Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Wed, 20 Jul 2022 14:18:13 +0200 Subject: [PATCH] change remediations to include the "=" sign --- .../crypto/configure_openssl_crypto_policy/ansible/shared.yml | 4 ++-- .../crypto/configure_openssl_crypto_policy/bash/shared.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/ansible/shared.yml index c335a9e7fa2..852ca18cf79 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/ansible/shared.yml @@ -20,7 +20,7 @@ lineinfile: create: yes insertafter: '^\s*\[\s*crypto_policy\s*]\s*' - line: ".include /etc/crypto-policies/back-ends/opensslcnf.config" + line: ".include = /etc/crypto-policies/back-ends/opensslcnf.config" path: {{{ openssl_cnf_path }}} when: - test_crypto_policy_group.stdout is defined @@ -29,7 +29,7 @@ - name: "Add crypto_policy group and set include opensslcnf.config" lineinfile: create: yes - line: "[crypto_policy]\n.include /etc/crypto-policies/back-ends/opensslcnf.config" + line: "[crypto_policy]\n.include = /etc/crypto-policies/back-ends/opensslcnf.config" path: {{{ openssl_cnf_path }}} when: - test_crypto_policy_group.stdout is defined diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/bash/shared.sh index 21edb780a2f..79eb5cff189 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/bash/shared.sh @@ -2,8 +2,8 @@ OPENSSL_CRYPTO_POLICY_SECTION='[ crypto_policy ]' OPENSSL_CRYPTO_POLICY_SECTION_REGEX='\[\s*crypto_policy\s*\]' -OPENSSL_CRYPTO_POLICY_INCLUSION='.include /etc/crypto-policies/back-ends/opensslcnf.config' -OPENSSL_CRYPTO_POLICY_INCLUSION_REGEX='^\s*\.include\s*/etc/crypto-policies/back-ends/opensslcnf.config$' +OPENSSL_CRYPTO_POLICY_INCLUSION='.include = /etc/crypto-policies/back-ends/opensslcnf.config' +OPENSSL_CRYPTO_POLICY_INCLUSION_REGEX='^\s*\.include\s*(?:=\s*)?/etc/crypto-policies/back-ends/opensslcnf.config$' {{% if 'sle' in product %}} {{% set openssl_cnf_path="/etc/ssl/openssl.cnf" %}}