diff --git a/.github/workflows/gate.yaml b/.github/workflows/gate.yaml
index 97f996c72da..3850939c982 100644
--- a/.github/workflows/gate.yaml
+++ b/.github/workflows/gate.yaml
@@ -151,7 +151,6 @@ jobs:
rhel8 \
rhel9 \
rhel10 \
- uos20 \
env:
ADDITIONAL_CMAKE_OPTIONS: "-DSSG_OVAL_SCHEMATRON_VALIDATION_ENABLED=OFF"
- name: Test
diff --git a/.github/workflows/gate_fedora.yml b/.github/workflows/gate_fedora.yml
index bb76acc6162..0b2555739ff 100644
--- a/.github/workflows/gate_fedora.yml
+++ b/.github/workflows/gate_fedora.yml
@@ -47,7 +47,6 @@ jobs:
rhel9 \
rhel10 \
rhv4 \
- uos20
env:
ADDITIONAL_CMAKE_OPTIONS: "-DSSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED=ON -DSSG_OVAL_SCHEMATRON_VALIDATION_ENABLED=OFF"
- name: Test
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1050f7a8095..95539eb0d96 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -114,7 +114,6 @@ option(SSG_PRODUCT_UBUNTU1604 "If enabled, the Ubuntu 16.04 SCAP content will be
option(SSG_PRODUCT_UBUNTU1804 "If enabled, the Ubuntu 18.04 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_UBUNTU2004 "If enabled, the Ubuntu 20.04 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_UBUNTU2204 "If enabled, the Ubuntu 22.04 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
-option(SSG_PRODUCT_UOS20 "If enabled, the Uos 20 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_AL2023 "If enabled, the AL2023 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
# Products derivatives
option(SSG_CENTOS_DERIVATIVES_ENABLED "If enabled, CentOS derivative content will be built from the RHEL content" TRUE)
@@ -341,7 +340,6 @@ message(STATUS "Ubuntu 16.04: ${SSG_PRODUCT_UBUNTU1604}")
message(STATUS "Ubuntu 18.04: ${SSG_PRODUCT_UBUNTU1804}")
message(STATUS "Ubuntu 20.04: ${SSG_PRODUCT_UBUNTU2004}")
message(STATUS "Ubuntu 22.04: ${SSG_PRODUCT_UBUNTU2204}")
-message(STATUS "Uos 20: ${SSG_PRODUCT_UOS20}")
message(STATUS "AL 2023: ${SSG_PRODUCT_AL2023}")
message(STATUS "OpenEmbedded: ${SSG_PRODUCT_OPENEMBEDDED}")
message(STATUS " ")
@@ -462,9 +460,6 @@ endif()
if(SSG_PRODUCT_UBUNTU2204)
add_subdirectory("products/ubuntu2204" "ubuntu2204")
endif()
-if(SSG_PRODUCT_UOS20)
- add_subdirectory("products/uos20" "uos20")
-endif()
if(SSG_PRODUCT_OPENEMBEDDED)
add_subdirectory("products/openembedded" "openembedded")
endif()
diff --git a/build_product b/build_product
index b3246a268cd..b32cc48b163 100755
--- a/build_product
+++ b/build_product
@@ -377,7 +377,6 @@ all_cmake_products=(
UBUNTU1804
UBUNTU2004
UBUNTU2204
- UOS20
MACOS1015
OPENEMBEDDED
OPENEULER2203
diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/ansible/shared.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/ansible/shared.yml
index cf355e336fe..dc892e92010 100644
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/ansible/shared.yml
+++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_al2023,multi_platform_alinux,multi_platform_anolis,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_uos
+# platform = multi_platform_al2023,multi_platform_alinux,multi_platform_anolis,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
# reboot = true
# strategy = patch
# complexity = low
diff --git a/products/uos20/CMakeLists.txt b/products/uos20/CMakeLists.txt
deleted file mode 100644
index 85c94758654..00000000000
--- a/products/uos20/CMakeLists.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-# Sometimes our users will try to do: "cd uos20; cmake ." That needs to error in a nice way.
-if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}")
- message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!")
-endif()
-
-ssg_build_product("uos20")
diff --git a/products/uos20/overlays/.gitkeep b/products/uos20/overlays/.gitkeep
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/products/uos20/product.yml b/products/uos20/product.yml
deleted file mode 100644
index 504b9fe690f..00000000000
--- a/products/uos20/product.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-product: uos20
-full_name: UnionTech OS Server 20
-type: platform
-
-benchmark_id: UOS-20
-benchmark_root: "../../linux_os/guide"
-
-profiles_root: "./profiles"
-
-pkg_manager: "yum"
-
-init_system: "systemd"
-
-cpes_root: "../../shared/applicability"
-cpes:
- - uos20:
- name: "cpe:/o:uos:uniontech_os_server:20"
- title: "UnionTech OS Server 20"
- check_id: installed_OS_is_uos20
-
-# Mapping of CPE platform to package
-platform_package_overrides:
- login_defs: "shadow-utils"
-
-
diff --git a/products/uos20/profiles/default.profile b/products/uos20/profiles/default.profile
deleted file mode 100644
index 73c3421107c..00000000000
--- a/products/uos20/profiles/default.profile
+++ /dev/null
@@ -1,348 +0,0 @@
-documentation_complete: true
-
-hidden: true
-
-title: Default Profile for UnionTech OS Server 20
-
-description: |-
- This profile contains all the rules that once belonged to the
- uos20 product via 'prodtype'. This profile won't
- be rendered into an XCCDF Profile entity, nor it will select any
- of these rules by default. The only purpose of this profile
- is to keep a rule in the product's XCCDF Benchmark.
-
-selections:
- - grub2_enable_iommu_force
- - gid_passwd_group_same
- - auditd_data_disk_full_action
- - kernel_config_debug_list
- - audit_rules_sysadmin_actions
- - audit_rules_media_export
- - rsyslog_encrypt_offload_defaultnetstreamdriver
- - file_ownership_library_dirs
- - coredump_disable_storage
- - kernel_config_seccomp
- - auditd_data_retention_max_log_file_action_stig
- - sudoers_no_command_negation
- - file_owner_backup_etc_shadow
- - file_groupowner_var_log
- - set_ip6tables_default_rule
- - sudo_require_authentication
- - kernel_config_security
- - audit_rules_dac_modification_umount2
- - kernel_config_security_dmesg_restrict
- - accounts_umask_etc_profile
- - sshd_set_max_sessions
- - sudoers_no_root_target
- - disable_host_auth
- - file_owner_backup_etc_gshadow
- - kernel_config_kexec
- - file_owner_backup_etc_passwd
- - package_chrony_installed
- - package_ntpdate_removed
- - file_groupownership_sshd_pub_key
- - directory_permissions_var_log_audit
- - file_groupowner_var_log_syslog
- - service_netfs_disabled
- - file_groupownership_audit_configuration
- - file_ownership_sshd_pub_key
- - package_ntp_installed
- - sshd_disable_compression
- - package_cron_installed
- - sshd_print_last_log
- - kernel_config_module_sig_hash
- - grub2_nosmap_argument_absent
- - mount_option_dev_shm_nodev
- - sshd_disable_tcp_forwarding
- - kernel_config_debug_notifiers
- - auditd_overflow_action
- - sshd_allow_only_protocol2
- - file_permissions_home_dirs
- - no_netrc_files
- - postfix_client_configure_mail_alias_postmaster
- - accounts_password_minlen_login_defs
- - account_unique_name
- - sudo_add_use_pty
- - kernel_config_bug
- - file_groupowner_etc_passwd
- - service_iptables_enabled
- - file_permissions_backup_etc_group
- - partition_for_home
- - chronyd_server_directive
- - partition_for_var_log_audit
- - kernel_config_unmap_kernel_at_el0
- - audit_rules_time_adjtimex
- - partition_for_srv
- - auditd_log_format
- - accounts_minimum_age_login_defs
- - partition_for_var_log
- - audit_rules_dac_modification_setxattr
- - service_sshd_disabled
- - sysctl_kernel_panic_on_oops
- - file_permissions_audit_configuration
- - sshd_disable_empty_passwords
- - file_permissions_backup_etc_shadow
- - package_audit_installed
- - sshd_disable_pubkey_auth
- - audit_privileged_commands_reboot
- - sshd_set_idle_timeout
- - auditd_freq
- - kernel_module_tipc_disabled
- - package_syslogng_installed
- - kernel_config_module_sig_all
- - kernel_config_ia32_emulation
- - file_permissions_sshd_pub_key
- - chronyd_specify_remote_server
- - grub2_slab_nomerge_argument
- - audit_rules_mac_modification_usr_share
- - sysctl_kernel_randomize_va_space
- - sshd_limit_user_access
- - file_permissions_backup_etc_passwd
- - accounts_umask_etc_login_defs
- - kernel_config_module_sig_key
- - accounts_polyinstantiated_var_tmp
- - file_owner_etc_passwd
- - kernel_config_module_sig_sha512
- - kernel_config_slub_debug
- - kernel_config_page_poisoning_no_sanity
- - file_permissions_library_dirs
- - file_groupowner_etc_shadow
- - sshd_set_loglevel_verbose
- - package_bind_removed
- - kernel_module_uvcvideo_disabled
- - sshd_disable_user_known_hosts
- - file_groupowner_etc_gshadow
- - kernel_config_default_mmap_min_addr
- - account_use_centralized_automated_auth
- - partition_for_var
- - audit_rules_dac_modification_lremovexattr
- - sysctl_net_ipv6_conf_all_disable_ipv6
- - sudo_vdsm_nopasswd
- - rsyslog_files_ownership
- - package_rsyslog_installed
- - file_permissions_etc_passwd
- - file_groupowner_etc_group
- - coredump_disable_backtraces
- - package_inetutils-telnetd_removed
- - auditd_data_retention_action_mail_acct
- - avahi_disable_publishing
- - sudo_custom_logfile
- - account_passwords_pam_faillock_dir
- - kernel_config_devkmem
- - file_permissions_backup_etc_gshadow
- - kernel_config_legacy_ptys
- - audit_rules_dac_modification_fchmod
- - file_permissions_etc_gshadow
- - file_groupownership_sshd_private_key
- - kernel_module_ipv6_option_disabled
- - audit_rules_privileged_commands
- - kernel_config_randomize_memory
- - sshd_disable_gssapi_auth
- - dir_ownership_library_dirs
- - file_groupowner_backup_etc_shadow
- - audit_rules_dac_modification_fremovexattr
- - sysctl_net_ipv4_conf_default_shared_media
- - audit_rules_immutable
- - audit_rules_file_deletion_events_unlinkat
- - kernel_config_x86_vsyscall_emulation
- - kernel_config_proc_kcore
- - service_systemd-journald_enabled
- - auditd_data_retention_max_log_file_action
- - grub2_spectre_v2_argument
- - file_permissions_var_log_messages
- - no_direct_root_logins
- - package_nss-tools_installed
- - sshd_enable_strictmodes
- - sudo_remove_nopasswd
- - kernel_config_page_poisoning_zero
- - package_logrotate_installed
- - audit_rules_dac_modification_fchmodat
- - kernel_config_compat_vdso
- - postfix_client_configure_relayhost
- - audit_privileged_commands_init
- - iptables_sshd_disabled
- - auditd_data_retention_max_log_file
- - sshd_disable_root_login
- - accounts_no_uid_except_zero
- - package_openssh-server_removed
- - kernel_config_retpoline
- - audit_rules_dac_modification_fchown
- - sshd_set_maxstartups
- - accounts_max_concurrent_login_sessions
- - file_owner_var_log
- - service_cron_enabled
- - ensure_logrotate_activated
- - file_permissions_etc_group
- - no_all_squash_exports
- - sshd_disable_kerb_auth
- - service_ufw_enabled
- - dir_permissions_binary_dirs
- - file_groupowner_backup_etc_passwd
- - package_nis_removed
- - package_gnutls-utils_installed
- - dhcp_client_restrict_options
- - file_permissions_binary_dirs
- - file_permissions_etc_shadow
- - accounts_password_last_change_is_in_past
- - accounts_password_all_shadowed
- - file_permissions_var_log_syslog
- - kernel_config_module_sig_force
- - file_owner_var_log_syslog
- - service_ip6tables_enabled
- - rsyslog_files_permissions
- - audit_rules_dac_modification_chown
- - grub2_nosmep_argument_absent
- - configure_user_data_backups
- - dir_ownership_binary_dirs
- - accounts_password_warn_age_login_defs
- - audit_rules_dac_modification_fchownat
- - sysctl_net_ipv6_conf_default_disable_ipv6
- - kernel_config_security_yama
- - file_owner_backup_etc_group
- - no_empty_passwords
- - accounts_maximum_age_login_defs
- - restrict_serial_port_logins
- - auditd_local_events
- - audit_rules_dac_modification_chmod
- - kernel_config_seccomp_filter
- - sshd_rekey_limit
- - auditd_data_retention_space_left_action
- - kernel_config_security_writable_hooks
- - fapolicyd_prevent_home_folder_access
- - kernel_config_binfmt_misc
- - sysctl_net_ipv4_conf_all_accept_local
- - sysctl_kernel_kptr_restrict
- - audit_rules_file_deletion_events_unlink
- - dir_perms_world_writable_sticky_bits
- - rsyslog_remote_loghost
- - kernel_module_rds_disabled
- - audit_rules_time_settimeofday
- - audit_rules_dac_modification_lsetxattr
- - kernel_config_panic_timeout
- - kernel_config_debug_credentials
- - file_permissions_var_log
- - file_ownership_sshd_private_key
- - kernel_config_panic_on_oops
- - grub2_systemd_debug-shell_argument_absent
- - file_owner_etc_group
- - auditd_data_disk_full_action_stig
- - sudo_add_requiretty
- - sysctl_fs_protected_hardlinks
- - rsyslog_files_groupownership
- - sshd_enable_gssapi_auth
- - kernel_config_debug_sg
- - partition_for_dev_shm
- - grub2_l1tf_argument
- - auditd_data_disk_error_action
- - audit_rules_dac_modification_removexattr
- - auditd_data_retention_admin_space_left_action
- - file_permissions_systemmap
- - kernel_config_ipv6
- - file_ownership_binary_dirs
- - grub2_disable_recovery
- - package_telnetd_removed
- - service_auditd_enabled
- - sshd_set_login_grace_time
- - audit_rules_dac_modification_lchown
- - sshd_enable_pubkey_auth
- - postfix_client_configure_mail_alias
- - no_empty_passwords_etc_shadow
- - kernel_config_compat_brk
- - sshd_enable_pam
- - audit_rules_time_clock_settime
- - grub2_spec_store_bypass_disable_argument
- - partition_for_tmp
- - service_syslogng_enabled
- - account_passwords_pam_faillock_audit
- - sudoers_explicit_command_args
- - accounts_root_gid_zero
- - auditd_data_retention_num_logs
- - file_permissions_sshd_private_key
- - mount_option_dev_shm_nosuid
- - dhcp_server_minimize_served_info
- - package_openssh-server_installed
- - accounts_logon_fail_delay
- - selinux_state
- - file_groupowner_var_log_messages
- - auditd_audispd_syslog_plugin_activated
- - kernel_config_acpi_custom_method
- - file_groupowner_backup_etc_group
- - kernel_config_syn_cookies
- - auditd_data_disk_error_action_stig
- - file_owner_var_log_messages
- - sshd_disable_root_password_login
- - file_ownership_audit_configuration
- - package_telnetd-ssl_removed
- - service_chronyd_enabled
- - grub2_rng_core_default_quality_argument
- - gnome_gdm_disable_xdmcp
- - package_MFEhiplsm_installed
- - audit_rules_session_events
- - kernel_config_page_table_isolation
- - audit_rules_usergroup_modification
- - sshd_set_keepalive
- - audit_rules_dac_modification_umount
- - audit_rules_file_deletion_events_rename
- - file_groupowner_backup_etc_gshadow
- - sysctl_net_ipv4_conf_all_arp_filter
- - kernel_config_hibernation
- - set_iptables_default_rule_forward
- - display_login_attempts
- - sshd_enable_warning_banner
- - package_postfix_installed
- - audit_privileged_commands_poweroff
- - auditd_write_logs
- - grub2_mce_argument
- - audit_rules_time_stime
- - file_owner_etc_gshadow
- - sshd_do_not_permit_user_env
- - accounts_polyinstantiated_tmp
- - kernel_disable_entropy_contribution_for_solid_state_drives
- - sshd_use_priv_separation
- - audit_privileged_commands_shutdown
- - dir_permissions_library_dirs
- - file_ownership_var_log_audit
- - sshd_enable_warning_banner_net
- - sysctl_fs_protected_symlinks
- - ftp_limit_users
- - rsyslog_accept_remote_messages_tcp
- - file_permissions_unauthorized_world_writable
- - service_rsyslog_enabled
- - kernel_config_randomize_base
- - sshd_set_loglevel_info
- - ftp_configure_firewall
- - package_libreswan_installed
- - audit_rules_file_deletion_events_rmdir
- - audit_rules_networkconfig_modification
- - sysctl_net_ipv4_conf_all_arp_ignore
- - securetty_root_login_console_only
- - sshd_set_keepalive_0
- - selinux_not_disabled
- - accounts_root_path_dirs_no_write
- - sysctl_net_ipv4_conf_all_shared_media
- - file_owner_etc_shadow
- - root_path_no_dot
- - no_rsh_trust_files
- - sudo_remove_no_authenticate
- - sudo_add_noexec
- - sysctl_net_ipv4_conf_all_route_localnet
- - kernel_config_debug_fs
- - disallow_bypass_password_sudo
- - prefer_64bit_os
- - sshd_disable_x11_forwarding
- - sshd_enable_x11_forwarding
- - sshd_disable_rhosts_rsa
- - harden_ssh_client_crypto_policy
- - sshd_set_max_auth_tries
- - sshd_disable_rhosts
- - audit_rules_file_deletion_events_renameat
- - audit_rules_dac_modification_fsetxattr
- - set_iptables_default_rule
- - sysctl_fs_suid_dumpable
- - accounts_passwords_pam_faillock_audit
- - rsyslog_encrypt_offload_actionsendstreamdrivermode
- - rsyslog_encrypt_offload_actionsendstreamdriverauthmode
- - rsyslog_accept_remote_messages_udp
- - kernel_config_module_sig
- - audit_rules_mac_modification
- - audit_rules_time_watch_localtime
diff --git a/products/uos20/profiles/standard.profile b/products/uos20/profiles/standard.profile
deleted file mode 100644
index 5a5c381eba1..00000000000
--- a/products/uos20/profiles/standard.profile
+++ /dev/null
@@ -1,31 +0,0 @@
-documentation_complete: true
-
-title: 'Standard System Security Profile for UnionTech OS Server 20'
-
-description: |-
- This profile contains rules to ensure standard security baseline
- of a UnionTech OS Server 20 system. Regardless of your system's workload
- all of these checks should pass.
-
-selections:
- - ensure_gpgcheck_globally_activated
- - ensure_redhat_gpgkey_installed
- - rpm_verify_permissions
- - rpm_verify_hashes
- - security_patches_up_to_date
- - file_permissions_unauthorized_sgid
- - file_permissions_unauthorized_suid
- - audit_rules_file_deletion_events
- - service_abrtd_disabled
- - service_atd_disabled
- - service_autofs_disabled
- - service_ntpdate_disabled
- - service_oddjobd_disabled
- - service_qpidd_disabled
- - service_rdisc_disabled
- - configure_crypto_policy
- - configure_bind_crypto_policy
- - configure_openssl_crypto_policy
- - configure_libreswan_crypto_policy
- - configure_ssh_crypto_policy
- - configure_kerberos_crypto_policy
diff --git a/products/uos20/transforms/constants.xslt b/products/uos20/transforms/constants.xslt
deleted file mode 100644
index aabfbf4cb71..00000000000
--- a/products/uos20/transforms/constants.xslt
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-UnionTech OS Server 20
-Uos 20
-empty
-uos
-
-
-
-
diff --git a/products/uos20/transforms/shorthand2xccdf.xslt b/products/uos20/transforms/shorthand2xccdf.xslt
deleted file mode 100644
index 6ac64058028..00000000000
--- a/products/uos20/transforms/shorthand2xccdf.xslt
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-
-
-
-unknown
-unlinked-uos20-oval.xml
-
-
diff --git a/products/uos20/transforms/table-srgmap.xslt b/products/uos20/transforms/table-srgmap.xslt
deleted file mode 100644
index 23c2f60a2c2..00000000000
--- a/products/uos20/transforms/table-srgmap.xslt
+++ /dev/null
@@ -1,11 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
diff --git a/products/uos20/transforms/table-style.xslt b/products/uos20/transforms/table-style.xslt
deleted file mode 100644
index 218d0f75421..00000000000
--- a/products/uos20/transforms/table-style.xslt
+++ /dev/null
@@ -1,5 +0,0 @@
-
-
-
-
-
diff --git a/products/uos20/transforms/xccdf-apply-overlay-stig.xslt b/products/uos20/transforms/xccdf-apply-overlay-stig.xslt
deleted file mode 100644
index 4789419b80a..00000000000
--- a/products/uos20/transforms/xccdf-apply-overlay-stig.xslt
+++ /dev/null
@@ -1,8 +0,0 @@
-
-
-
-
-
-
-
-
diff --git a/products/uos20/transforms/xccdf2table-cce.xslt b/products/uos20/transforms/xccdf2table-cce.xslt
deleted file mode 100644
index 1ffb22215c2..00000000000
--- a/products/uos20/transforms/xccdf2table-cce.xslt
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-
-
-
-
-
-
-
diff --git a/products/uos20/transforms/xccdf2table-profileccirefs.xslt b/products/uos20/transforms/xccdf2table-profileccirefs.xslt
deleted file mode 100644
index 5a104d956f1..00000000000
--- a/products/uos20/transforms/xccdf2table-profileccirefs.xslt
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-
-
-
-
-
-
-
diff --git a/shared/applicability/oval/installed_OS_is_uos20.xml b/shared/applicability/oval/installed_OS_is_uos20.xml
deleted file mode 100644
index 0188bbadef9..00000000000
--- a/shared/applicability/oval/installed_OS_is_uos20.xml
+++ /dev/null
@@ -1,28 +0,0 @@
-
-
-
- UnionTech OS Server 20
-
- multi_platform_all
-
-
- The operating system installed on the system is UnionTech OS Server 20
-
-
-
-
-
-
-
-
-
-
-
-
- ^20.*$
-
-
- uos-release
-
-
-
diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
index 14a64dbbd37..20328a83b2a 100644
--- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
+++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
@@ -18,7 +18,6 @@
multi_platform_sle
multi_platform_slmicro5
multi_platform_ubuntu
- multi_platform_uos
Disables IPv6 for all network interfaces.
diff --git a/ssg/constants.py b/ssg/constants.py
index 7f8910743f1..34b7bf8b51e 100644
--- a/ssg/constants.py
+++ b/ssg/constants.py
@@ -60,7 +60,6 @@
'rhv4',
'sle12', 'sle15', 'slmicro5',
'ubuntu1604', 'ubuntu1804', 'ubuntu2004', 'ubuntu2204',
- 'uos20',
]
JINJA_MACROS_DIRECTORY = os.path.abspath(os.path.join(os.path.dirname(os.path.dirname(
@@ -230,7 +229,6 @@
"Ubuntu 18.04": "ubuntu1804",
"Ubuntu 20.04": "ubuntu2004",
"Ubuntu 22.04": "ubuntu2204",
- "UnionTech OS Server 20": "uos20",
"OpenEmbedded": "openembedded",
"Not Applicable": "example",
}
@@ -284,7 +282,7 @@
MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
"openeuler",
"opensuse", "sle", "ol", "ocp", "rhcos",
- "example", "eks", "alinux", "uos", "anolis", "openembedded", "al",
+ "example", "eks", "alinux", "anolis", "openembedded", "al",
"slmicro"]
MULTI_PLATFORM_MAPPING = {
@@ -304,7 +302,6 @@
"multi_platform_sle": ["sle12", "sle15"],
"multi_platform_slmicro": ["slmicro5"],
"multi_platform_ubuntu": ["ubuntu1604", "ubuntu1804", "ubuntu2004", "ubuntu2204"],
- "multi_platform_uos": ["uos20"],
"multi_platform_openembedded": ["openembedded"],
"multi_platform_al": ["al2023"],
}
@@ -422,7 +419,6 @@
'rhv': 'Red Hat Virtualization',
'debian': 'Debian',
'ubuntu': 'Ubuntu',
- 'uos': 'UnionTech OS Server',
'eap': 'JBoss Enterprise Application Platform',
'fuse': 'JBoss Fuse',
'openeuler': 'openEuler',
diff --git a/tests/data/product_stability/uos20.yml b/tests/data/product_stability/uos20.yml
deleted file mode 100644
index 01c78e8ad3f..00000000000
--- a/tests/data/product_stability/uos20.yml
+++ /dev/null
@@ -1,76 +0,0 @@
-aide_also_checks_audispd: 'yes'
-aide_also_checks_rsyslog: 'no'
-aide_bin_path: /usr/sbin/aide
-aide_conf_path: /etc/aide.conf
-audisp_conf_path: /etc/audit
-auid: 1000
-basic_properties_derived: true
-benchmark_id: UOS-20
-benchmark_root: ../../linux_os/guide
-chrony_conf_path: /etc/chrony.conf
-chrony_d_path: /etc/chrony.d/
-cpes:
-- uos20:
- check_id: installed_OS_is_uos20
- name: cpe:/o:uos:uniontech_os_server:20
- title: UnionTech OS Server 20
-cpes_root: ../../shared/applicability
-dconf_gdm_dir: gdm.d
-faillock_path: /var/run/faillock
-full_name: UnionTech OS Server 20
-gid_min: 1000
-groups: {}
-grub2_boot_path: /boot/grub2
-grub2_uefi_boot_path: /boot/grub2
-grub_helper_executable: grubby
-init_system: systemd
-nobody_gid: 65534
-nobody_uid: 65534
-pkg_manager: yum
-pkg_manager_config_file: /etc/yum.conf
-pkg_system: rpm
-platform_package_overrides:
- aarch64_arch: null
- grub2: grub2-common
- login_defs: shadow-utils
- no_ovirt: null
- non-uefi: null
- not_aarch64_arch: null
- not_s390x_arch: null
- ovirt: null
- s390x_arch: null
- sssd: sssd-common
- sssd-ldap: null
- uefi: null
- zipl: s390utils-base
-product: uos20
-profiles_root: ./profiles
-reference_uris:
- anssi: https://cyber.gouv.fr/sites/default/files/document/linux_configuration-en-v2.pdf
- app-srg: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=application-servers
- app-srg-ctr: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=container-platform
- bsi: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Grundschutz/International/bsi_it_gs_comp_2022.pdf
- cis-csc: https://www.cisecurity.org/controls/
- cjis: https://www.fbi.gov/file-repository/cjis-security-policy-v5_5_20160601-2-1.pdf
- cobit5: https://www.isaca.org/resources/cobit
- cui: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171.pdf
- dcid: not_officially_available
- disa: https://public.cyber.mil/stigs/cci/
- hipaa: https://www.gpo.gov/fdsys/pkg/CFR-2007-title45-vol1/pdf/CFR-2007-title45-vol1-chapA-subchapC.pdf
- isa-62443-2009: https://www.isa.org/products/isa-62443-2-1-2009-security-for-industrial-automat
- isa-62443-2013: https://www.isa.org/products/ansi-isa-62443-3-3-99-03-03-2013-security-for-indu
- ism: https://www.cyber.gov.au/acsc/view-all-content/ism
- iso27001-2013: https://www.iso.org/contents/data/standard/05/45/54534.html
- nerc-cip: https://www.nerc.com/pa/Stand/Standard%20Purpose%20Statement%20DL/US_Standard_One-Stop-Shop.xlsx
- nist: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
- nist-csf: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
- os-srg: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os
- ospp: https://www.niap-ccevs.org/Profile/PP.cfm
- pcidss: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf
- pcidss4: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf
- stigid: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
- stigref: https://public.cyber.mil/stigs/srg-stig-tools/
-sshd_distributed_config: 'false'
-sysctl_remediate_drop_in_file: 'false'
-type: platform
-uid_min: 1000
diff --git a/tests/unit/ssg-module/test_utils.py b/tests/unit/ssg-module/test_utils.py
index 151827a565a..8073217aa89 100644
--- a/tests/unit/ssg-module/test_utils.py
+++ b/tests/unit/ssg-module/test_utils.py
@@ -12,7 +12,7 @@ def test_is_applicable():
assert not utils.is_applicable('fedora,multi_platform_ubuntu', 'rhel7')
assert not utils.is_applicable('ol7', 'rhel7')
- assert not utils.is_applicable('al2023,alinux2,alinux3,anolis8,anolis23,fedora,debian11,debian12,uos20',
+ assert not utils.is_applicable('al2023,alinux2,alinux3,anolis8,anolis23,fedora,debian11,debian12',
'rhel7')