From 5237ec27040d052e6b3fb6103f1a1c207f5a24cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
Date: Thu, 31 Oct 2024 16:57:46 +0100
Subject: [PATCH] Simplify flags

In fact, the `FLAGS` variable only holds information about if
the rule is related to IPv6 or not. So we can rename it to
a better name `IPV6` and make it a boolean variable.
---
 shared/templates/sysctl/oval.template     | 4 ++--
 shared/templates/sysctl/sce-bash.template | 2 +-
 shared/templates/sysctl/template.py       | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/shared/templates/sysctl/oval.template b/shared/templates/sysctl/oval.template
index dd34e10f8c5..21b09af5620 100644
--- a/shared/templates/sysctl/oval.template
+++ b/shared/templates/sysctl/oval.template
@@ -20,7 +20,7 @@
     <ind:pattern operation="pattern match">^[\s]*{{{ SYSCTLVAR }}}[\s]*=[\s]*(.*\S)[\s]*$</ind:pattern>
     <ind:instance datatype="int" operation="greater than or equal">1</ind:instance>
 {{%- endmacro -%}}
-{{%- if "P" in FLAGS -%}}
+{{%- if IPV6 == "false" -%}}
 
 <def-group>
   <definition class="compliance" id="{{{ rule_id }}}" version="3">
@@ -36,7 +36,7 @@
   </definition>
 </def-group>
 
-{{%- elif "I" in FLAGS -%}}
+{{%- else -%}}
 
 <def-group>
   <definition class="compliance" id="{{{ rule_id }}}" version="4">
diff --git a/shared/templates/sysctl/sce-bash.template b/shared/templates/sysctl/sce-bash.template
index 1b24f0a11b8..e86afc4f770 100644
--- a/shared/templates/sysctl/sce-bash.template
+++ b/shared/templates/sysctl/sce-bash.template
@@ -62,7 +62,7 @@ function check_sysctl_configuration()
     return $XCCDF_RESULT_FAIL
 }
 
-{{% if "I" in FLAGS -%}}
+{{% if IPV6 == "true" -%}}
 # pass if IPv6 is disabled
 check_sysctl_configuration "net.ipv6.conf.all.disable_ipv6" "1"
 if [[ $? == $XCCDF_RESULT_PASS ]] ; then
diff --git a/shared/templates/sysctl/template.py b/shared/templates/sysctl/template.py
index 651fa0c0eb6..f03c22e5052 100644
--- a/shared/templates/sysctl/template.py
+++ b/shared/templates/sysctl/template.py
@@ -5,10 +5,10 @@ def preprocess(data, lang):
     data["sysctlid"] = ssg.utils.escape_id(data["sysctlvar"])
     if not data.get("sysctlval"):
         data["sysctlval"] = ""
-    ipv6_flag = "P"
     if data["sysctlid"].find("ipv6") >= 0:
-        ipv6_flag = "I"
-    data["flags"] = ipv6_flag
+        data["ipv6"] = "true"
+    else:
+        data["ipv6"] = "false"
     if "operation" not in data:
         data["operation"] = "equals"
     if isinstance(data["sysctlval"], list) and len(data["sysctlval"]) == 0: