Rule file_permission_user_init_files_root fails to remediate

[Mab879]

Description of problem:

After running the remediation for file_permission_user_init_files_root there are still files with incorrect permissions.

Automatus tests seem to pass, so this might be issue in the daily test environment.

SCAP Security Guide Version:

a2501c9

Operating System Version:

RHEL 8.10, RHEL 9.6, and RHEL 10.0.

Actual Results:

Rule fails after remediation.

Expected Results:

Rule passes after remediation.

Additional Information/Debugging Steps:

None.

[comps]

This is due to

/root/.bash_profile
/root/.bashrc
/root/.cshrc
/root/.tcshrc
/root/.bash_logout

being scanned with 0644 mode.

These come from /usr/lib/tmpfiles.d/rootfiles.conf:

# create initial /root directories shell content
C /root/.bash_logout   644 root root - /usr/share/rootfiles/.bash_logout
C /root/.bash_profile  644 root root - /usr/share/rootfiles/.bash_profile
C /root/.bashrc        644 root root - /usr/share/rootfiles/.bashrc
C /root/.cshrc         644 root root - /usr/share/rootfiles/.cshrc
C /root/.tcshrc        644 root root - /usr/share/rootfiles/.tcshrc

provided by the rootfiles RPM package.

So I think the proper fix here is to ensure the package is not installed + if the files exist at the time of remediation, their mode is changed.

The reason we see them during productization testing is that we reboot the host after remediation, which lets systemd tmpfiles.d re-set the mode.