RHCOS/OCP: Add more detailed instructions for more OCIL instances #6838

Merged
merged 1 commit into from Apr 16, 2021

JAORMX
Contributor

@JAORMX JAORMX commented Apr 14, 2021

This covers better instructions in RHCOS4 and OCP4 content.

The following macros were modified:

  • ocil_file_permissions
  • ocil_file_group_owner
  • ocil_file_owner

Signed-off-by: Juan Antonio Osorio Robles <jaosorior@redhat.com>

@openscap-ci
Collaborator

openscap-ci commented Apr 14, 2021

Changes identified:
Macros:
 ocil_file_permissions
 ocil_file_owner
 ocil_file_group_owner

Macro ocil_file_permissions:
 In rule description for file_permissions_etcd_pki_cert_files.
 In rule description for file_permissions_etc_passwd.
 In rule description for file_permissions_ovsdb_server_pid.
 In rule description for file_permissions_cni_conf.
 In rule description for file_permissions_crontab.
 In rule description for file_permissions_backup_etc_shadow.
 In rule description for file_permissions_systemmap.
 In rule description for file_etc_security_opasswd.
 In rule description for file_permissions_cron_hourly.
 In rule description for file_permissions_ovs_vswitchd_pid.
 In rule description for file_permissions_var_log_messages.
 In rule description for file_permissions_multus_conf.
 In rule description for file_permissions_httpd_server_conf_files.
 In rule description for file_permissions_backup_etc_group.
 In rule description for file_permissions_sshd_pub_key.
 In rule description for file_permissions_worker_service.
 In rule description for file_permissions_scheduler.
 In rule description for file_permissions_httpd_server_modules_files.
 In rule description for sudo_restrict_others_executable_permission.
 In rule description for file_permissions_sshd_private_key.
 In rule description for file_permissions_openshift_pki_cert_files.
 In rule description for file_permissions_cron_daily.
 In rule description for file_permissions_kubeconfig.
 In rule description for file_permissions_kube_scheduler.
 In rule description for file_permissions_kube_apiserver.
 In rule description for cinder_conf_file_perms.
 In rule description for file_permissions_etc_hosts_deny.
 In rule description for file_permissions_openvswitch.
 In rule description for file_permissions_ovs_conf_db.
 In rule description for file_permissions_etc_issue.
 In rule description for file_permissions_ovs_pid.
 In rule description for file_permissions_etc_motd.
 In rule description for file_permissions_etc_shadow.
 In rule description for file_permissions_httpd_server_conf_d_files.
 In rule description for dir_perms_etc_httpd_conf.
 In rule description for file_permissions_controller_manager_kubeconfig.
 In rule description for file_permissions_cron_d.
 In rule description for file_permissions_openshift_pki_key_files.
 In rule description for file_permissions_worker_ca.
 In rule description for file_permissions_scheduler_kubeconfig.
 In rule description for file_permissions_etcd_data_dir.
 In rule description for file_permissions_cron_monthly.
 In rule description for file_permissions_kube_controller_manager.
 In rule description for file_perms_openshift_sdn_cniserver_config.
 In rule description for file_permissions_cron_weekly.
 In rule description for file_permissions_etcd_member.
 In rule description for file_permissions_backup_etc_gshadow.
 In rule description for file_permissions_proxy_kubeconfig.
 In rule description for file_permissions_kubelet_conf.
 In rule description for file_permissions_worker_kubeconfig.
 In rule description for file_permissions_ip_allocations.
 In rule description for file_permissions_etc_gshadow.
 In rule description for file_permissions_etcd_data_files.
 In rule description for file_permissions_var_lib_etcd.
 In rule description for file_permissions_ovs_conf_db_lock.
 In rule description for file_permissions_master_admin_kubeconfigs.
 In rule description for file_permissions_ovs_sys_id_conf.
 In rule description for file_permissions_etc_group.
 In rule description for file_permissions_sshd_config.
 In rule description for file_permissions_etc_hosts_allow.
 In rule description for file_permissions_backup_etc_passwd.
Macro ocil_file_owner:
 In rule description for file_owner_efi_grub2_cfg.
 In rule description for file_owner_etc_issue.
 In rule description for file_owner_ovs_pid.
 In rule description for file_owner_kubelet_conf.
 In rule description for file_owner_cni_conf.
 In rule description for file_owner_multus_conf.
 In rule description for file_owner_kube_scheduler.
 In rule description for file_owner_ovs_conf_db_lock.
 In rule description for file_etc_security_opasswd.
 In rule description for file_owner_worker_ca.
 In rule description for file_owner_etcd_data_dir.
 In rule description for file_owner_ovsdb_server_pid.
 In rule description for file_owner_ovs_conf_db.
 In rule description for file_owner_ovs_vswitchd_pid.
 In rule description for file_owner_cron_monthly.
 In rule description for file_owner_ip_allocations.
 In rule description for file_owner_cron_daily.
 In rule description for file_owner_var_lib_etcd.
 In rule description for file_owner_backup_etc_shadow.
 In rule description for file_owner_openshift_pki_key_files.
 In rule description for file_owner_worker_service.
 In rule description for file_owner_cron_d.
 In rule description for file_owner_cron_hourly.
 In rule description for file_owner_etc_hosts_allow.
 In rule description for file_owner_openvswitch.
 In rule description for file_owner_etcd_member.
 In rule description for file_owner_crontab.
 In rule description for file_owner_backup_etc_passwd.
 In rule description for file_owner_etc_passwd.
 In rule description for file_owner_worker_kubeconfig.
 In rule description for file_owner_kubeconfig.
 In rule description for file_owner_openshift_sdn_cniserver_config.
 In rule description for file_owner_etcd_pki_cert_files.
 In rule description for file_owner_etc_shadow.
 In rule description for file_owner_cron_allow.
 In rule description for file_owner_etcd_data_files.
 In rule description for file_owner_kube_apiserver.
 In rule description for file_owner_sshd_config.
 In rule description for file_owner_backup_etc_gshadow.
 In rule description for file_owner_etc_motd.
 In rule description for file_owner_controller_manager_kubeconfig.
 In rule description for file_owner_etc_group.
 In rule description for file_owner_proxy_kubeconfig.
 In rule description for file_owner_backup_etc_group.
 In rule description for file_owner_scheduler_kubeconfig.
 In rule description for file_owner_ovs_sys_id_conf.
 In rule description for file_owner_kube_controller_manager.
 In rule description for file_owner_cron_weekly.
 In rule description for file_owner_etc_gshadow.
 In rule description for file_owner_master_admin_kubeconfigs.
 In rule description for file_owner_etc_hosts_deny.
 In rule description for file_owner_grub2_cfg.
 In rule description for file_owner_openshift_pki_cert_files.
Macro ocil_file_group_owner:
 In rule description for file_groupowner_proxy_kubeconfig.
 In rule description for file_groupowner_etcd_data_files.
 In rule description for file_groupowner_kube_scheduler.
 In rule description for file_groupowner_etc_shadow.
 In rule description for file_groupowner_ovs_conf_db.
 In rule description for file_groupowner_cron_allow.
 In rule description for file_groupowner_kube_apiserver.
 In rule description for file_groupowner_ovs_pid.
 In rule description for file_groupowner_openvswitch.
 In rule description for file_groupowner_cron_daily.
 In rule description for file_groupowner_etc_hosts_deny.
 In rule description for file_groupowner_controller_manager_kubeconfig.
 In rule description for file_etc_security_opasswd.
 In rule description for file_groupowner_etc_gshadow.
 In rule description for file_groupowner_cron_hourly.
 In rule description for file_groupowner_ovs_sys_id_conf.
 In rule description for file_groupowner_openshift_sdn_cniserver_config.
 In rule description for file_groupowner_kubelet_conf.
 In rule description for file_groupowner_backup_etc_gshadow.
 In rule description for file_groupowner_etcd_member.
 In rule description for file_groupowner_etcd_pki_cert_files.
 In rule description for file_groupowner_backup_etc_group.
 In rule description for file_groupowner_crontab.
 In rule description for file_groupowner_worker_kubeconfig.
 In rule description for file_groupowner_backup_etc_passwd.
 In rule description for file_groupowner_kubeconfig.
 In rule description for file_groupowner_etc_issue.
 In rule description for file_groupowner_cron_d.
 In rule description for file_groupowner_worker_ca.
 In rule description for file_groupowner_grub2_cfg.
 In rule description for file_groupowner_ovs_vswitchd_pid.
 In rule description for file_groupowner_openshift_pki_cert_files.
 In rule description for file_groupowner_openshift_pki_key_files.
 In rule description for file_groupowner_cron_monthly.
 In rule description for file_groupowner_cron_weekly.
 In rule description for file_groupowner_scheduler_kubeconfig.
 In rule description for file_groupowner_master_admin_kubeconfigs.
 In rule description for file_groupowner_backup_etc_shadow.
 In rule description for file_groupowner_sshd_config.
 In rule description for sudo_dedicated_group.
 In rule description for file_groupowner_etc_hosts_allow.
 In rule description for file_groupowner_etcd_data_dir.
 In rule description for file_groupowner_worker_service.
 In rule description for file_groupowner_kube_controller_manager.
 In rule description for file_groupowner_etc_group.
 In rule description for file_groupowner_etc_passwd.
 In rule description for file_groupowner_cni_conf.
 In rule description for file_groupowner_ovs_conf_db_lock.
 In rule description for file_groupowner_ovsdb_server_pid.
 In rule description for file_groupowner_multus_conf.
 In rule description for file_groupowner_efi_grub2_cfg.
 In rule description for file_groupowner_ip_allocations.
 In rule description for file_groupowner_etc_motd.

@JAORMX JAORMX changed the title RHCOS: Add more detailed instructions for more OCIL instances RHCOS/OCP: Add more detailed instructions for more OCIL instances Apr 14, 2021
Collaborator

@jhrozek jhrozek left a comment

The new instructions read good to me.

@yuumasato yuumasato self-assigned this Apr 16, 2021
@yuumasato yuumasato added this to the 0.1.56 milestone Apr 16, 2021
@yuumasato yuumasato merged commit df2ec49 into ComplianceAsCode:master Apr 16, 2021