Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add rule for disabling of GUI #6860

Merged
merged 9 commits into from Apr 19, 2021
Merged

add rule for disabling of GUI #6860

merged 9 commits into from Apr 19, 2021

Conversation

vojtapolasek
Copy link
Collaborator

Description:

  • add new rule xwindows_remove_packages_and_set_runlevel
    • the rule removes appropriate packages based on rhel version and also configures correct run level
  • add this rule to rhel7 and rhel8 stig profiles

Rationale:

  • stig effort

@vojtapolasek vojtapolasek added this to the 0.1.56 milestone Apr 19, 2021
@openshift-ci openshift-ci bot added the needs-rebase Used by openshift-ci bot. label Apr 19, 2021
@openscap-ci
Copy link
Collaborator

openscap-ci commented Apr 19, 2021
edited

Changes identified:
Rules:
 xwindows_remove_packages
Profiles:
 stig on rhel7
 stig on rhel8
 rhelh-stig on rhel8

Show details

Rule xwindows_remove_packages:
 Ansible remediation newly added.
 OVAL check is newly added.
 Bash remediation is newly added.
Profile stig on rhel7:
 Rule xwindows_remove_packages added to stig profile.
 Rule xwindows_runlevel_target, package_xorg-x11-server-common_removed removed from stig profile.
Profile stig on rhel8:
 Rule xwindows_remove_packages added to stig profile.
Profile rhelh-stig on rhel8:
 RHELH-STIG profile extends changed STIG profile.

Recommended tests to execute:
 build_product rhel8
 tests/test_suite.py rule --libvirt qemu:///system test-suite-vm --remediate-using ansible --datastream build/ssg-rhel8-ds.xml xwindows_remove_packages
 tests/test_suite.py rule --libvirt qemu:///system test-suite-vm --remediate-using bash --datastream build/ssg-rhel8-ds.xml xwindows_remove_packages
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-rhel8-ds.xml rhelh-stig
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-rhel8-ds.xml stig
 build_product rhel7
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-rhel7-ds.xml stig

@openshift-ci openshift-ci bot removed the needs-rebase Used by openshift-ci bot. label Apr 19, 2021
@carlosmmatos
Copy link
Contributor

LGTM

@carlosmmatos carlosmmatos merged commit d9aba90 into ComplianceAsCode:master Apr 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@carlosmmatos carlosmmatos carlosmmatos approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.1.56
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@vojtapolasek @openscap-ci @carlosmmatos