Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add mount[boot-efi] platform to mount_option_boot_efi_nosuid rule #13152

Merged
merged 1 commit into from
Mar 7, 2025
Merged

Add mount[boot-efi] platform to mount_option_boot_efi_nosuid rule #13152

merged 1 commit into from
Mar 7, 2025
+10 −6

Conversation

evgenyz
Copy link
Member

@evgenyz evgenyz commented Mar 6, 2025

Description:

  • Make the rule explicitly not applicable.

Rationale:

Review Hints:

  • While platform does not exactly follow the DISA applicability criteria, it'd match the behavior in general. For the cases when it won't it actually would be very useful to check the presence of the mount option (e.g. in double-boot systems, when partition is present, but the system is currently in BIOS mode).

@evgenyz
Add mount[boot-efi] platform to mount_option_boot_efi_nosuid rule
ac104cf 
In order to get closer to the DISA understanding of the applicability
for this rule, let's make it not applicable when there is no mountpoint
present.
@evgenyz evgenyz added this to the 0.1.77 milestone Mar 6, 2025
@evgenyz evgenyz added productization-issue Issue found in upstream stabilization process. RHEL9 Red Hat Enterprise Linux 9 product related. RHEL8 Red Hat Enterprise Linux 8 product related. STIG STIG Benchmark related. labels Mar 6, 2025
@codeclimate CodeClimate
Copy link

codeclimate bot commented Mar 6, 2025

Code Climate has analyzed commit ac104cf and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 62.1% (0.0% change).

View more on Code Climate.

@Mab879 Mab879 self-assigned this Mar 7, 2025
@Mab879
Copy link
Member

Mab879 commented Mar 7, 2025

/packit retest-failed

@Mab879 Mab879 merged commit 2004648 into ComplianceAsCode:master Mar 7, 2025
125 of 128 checks passed
@evgenyz evgenyz deleted the fix-platform-mount_option_boot_efi_nosuid branch March 8, 2025 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mab879 Mab879

Assignees

@Mab879 Mab879

Labels
productization-issue Issue found in upstream stabilization process. RHEL8 Red Hat Enterprise Linux 8 product related. RHEL9 Red Hat Enterprise Linux 9 product related. STIG STIG Benchmark related.
Projects
None yet
Milestone
0.1.77
Development

Successfully merging this pull request may close these issues.

DISA misalignment with rule mount_option_boot_efi_nosuid
2 participants
@evgenyz @Mab879