Nikhim um/powershell dsc um

Makefile

@@ -541,7 +541,7 @@ nxOMSGenerateInventoryMof:
 
 nxOMSPlugin:
 	rm -rf output/staging; \
-	VERSION="3.57"; \
+	VERSION="3.59"; \
 	PROVIDERS="nxOMSPlugin"; \
 	STAGINGDIR="output/staging/$@/DSCResources"; \
 	cat Providers/Modules/$@.psd1 | sed "s@<MODULE_VERSION>@$${VERSION}@" > intermediate/Modules/$@.psd1; \

Providers/Modules/Plugins/PatchManagement/plugin/patch_management_lib.rb

@@ -51,6 +51,14 @@ def getHostOSDetails()
     def getOSShortName(os_short_name = nil, os_version=nil)
         version = ""
         hostOSDetailsMap = getHostOSDetails()
+	  #os short name is not proper for oracle linux at /etc/opt/microsoft/scx/conf/scx-release. this is to return proper short name till scx fixes the issue.
+	  if hostOSDetailsMap.key?("OSFullName") && hostOSDetailsMap.key?("OSShortName")
+		  osFullName = hostOSDetailsMap["OSFullName"]
+		  osShortName = hostOSDetailsMap["OSShortName"]
+		  if osFullName.downcase.include?("oracle") && ! osShortName.downcase.include?("oracle")
+				os_short_name = "Oracle"
+          end
+	  end
 
         # match string of the form (1 or more non . chars)- followed by a . - (1 or more non . chars) - followed by anything
         if hostOSDetailsMap.key?("OSShortName")
@@ -104,6 +112,8 @@ def getOSShortName(os_short_name = nil, os_version=nil)
             else
                 version = @default_version
             end
+	  when "Oracle"
+		   version = "6.0"
         when "SUSE"
             if @os_major_version == "11"
                 version = "11.0" 

Providers/Modules/Plugins/SecurityBaseline/plugin/oms_audits.xml

@@ -556,8 +556,8 @@
       remediation="Add a boot loader password to the file '/boot/grub/grub.cfg'"
       ruleId="8a4f5ce8-41c4-710c-631e-fbc36a2fa53e">
       <check distro="*" command="CheckMatchingLinesIfExists" regex="^password\s+--encrypted\s+\S+" path="/boot/grub/grub.conf"/>
-      <check distro="*" command="CheckMatchingLinesIfExists" regex="^password\s+--encrypted\s+\S+" path="/boot/grub/grub.cfg"/>
-      <check distro="*" command="CheckMatchingLinesIfExists" regex="^password\s+--encrypted\s+\S+" path="/boot/grub2/grub.cfg"/>
+      <check distro="*" command="CheckMatchingLinesIfExists" regex="^[\s]*password(?:(?:_pbkdf2\s+\S+)|(?:\s+--encrypted))\s+\S+" path="/boot/grub/grub.cfg"/>
+      <check distro="*" command="CheckMatchingLinesIfExists" regex="^[\s]*password(?:(?:_pbkdf2\s+\S+)|(?:\s+--encrypted))\s+\S+" path="/boot/grub2/grub.cfg"/>
     </audit>
     <audit
       description="Ensure permissions on bootloader config are configured"
@@ -1206,7 +1206,7 @@
       impact="An attacker could use this system to send emails with malicious content to other users"
       remediation="Add the line 'inet_interfaces localhost' to the file '/etc/postfix/main.cf'"
       ruleId="d0cc4e35-70a1-4ee5-b572-3b969201562e">
-      <check distro="*" command="CheckMatchingLinesIfExists" regex="^[\s\t]*inet_interfaces\s+localhost\s*$" path="/etc/postfix/main.cf" />
+      <check distro="*" command="CheckMatchingLinesIfExists" regex="^[\s\t]*inet_interfaces\s*=\s*localhost\s*$" path="/etc/postfix/main.cf" />
     </audit>
     <audit
       description="The ldap service should be disabled."

installbuilder/datafiles/Base_DSC.data

@@ -98,7 +98,7 @@ SHLIB_EXT: 'so'
 /opt/microsoft/omsconfig/module_packages/nxOMSContainers_1.0.zip; release/nxOMSContainers_1.0.zip; 755; ${{RUN_AS_USER}}; root
 /opt/microsoft/omsconfig/module_packages/nxOMSCustomLog_1.0.zip; release/nxOMSCustomLog_1.0.zip; 755; ${{RUN_AS_USER}}; root
 /opt/microsoft/omsconfig/module_packages/nxOMSGenerateInventoryMof_1.5.zip; release/nxOMSGenerateInventoryMof_1.5.zip; 755; ${{RUN_AS_USER}}; root
-/opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.57.zip; release/nxOMSPlugin_3.57.zip; 755; ${{RUN_AS_USER}}; root
+/opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.59.zip; release/nxOMSPlugin_3.59.zip; 755; ${{RUN_AS_USER}}; root
 /opt/microsoft/omsconfig/module_packages/nxOMSWLI_1.46.zip; release/nxOMSWLI_1.46.zip; 755; ${{RUN_AS_USER}}; root
 #endif
 
@@ -379,7 +379,7 @@ if [ "$pythonVersion" = "python3" ]; then
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSContainers_1.0.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSCustomLog_1.0.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSGenerateInventoryMof_1.5.zip 0"
-	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.57.zip 0"
+	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.59.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSWLI_1.46.zip 0"
 else
   echo "Running python2 python version is ", $pythonVersion
@@ -389,7 +389,7 @@ else
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSContainers_1.0.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSCustomLog_1.0.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSGenerateInventoryMof_1.5.zip 0"
-	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.57.zip 0"
+	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.59.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSWLI_1.46.zip 0"
 #endif