diff --git a/src/XCCDF_POLICY/xccdf_policy_remediate.c b/src/XCCDF_POLICY/xccdf_policy_remediate.c index 92a8600d23..20402ea21e 100644 --- a/src/XCCDF_POLICY/xccdf_policy_remediate.c +++ b/src/XCCDF_POLICY/xccdf_policy_remediate.c @@ -1143,10 +1143,15 @@ static int _write_script_header_to_fd(struct xccdf_policy *policy, struct xccdf_ } else if (oscap_streq(sys, "urn:redhat:osbuild:blueprint")) { char *blueprint_fix_header = oscap_sprintf( "%s" - "name = \"%s\"\n" + "name = \"hardened_%s\"\n" "description = \"%s\"\n" - "version = \"%s\"\n", - fix_header, profile_id, profile_title, benchmark_version_info); + "version = \"%s\"\n\n" + "[customizations.openscap]\n" + "profile_id = \"%s\"\n" + "# If your hardening data stream is not part of the 'scap-security-guide' package\n" + "# provide the absolute path to it (from the root of the image filesystem).\n" + "# datastream = \"/usr/share/xml/scap/ssg/content/ssg-xxxxx-ds.xml\"\n\n", + fix_header, profile_id, profile_title, benchmark_version_info, profile_id); free(fix_header); free(profile_title); return _write_text_to_fd_and_free(output_fd, blueprint_fix_header); diff --git a/tests/API/XCCDF/unittests/test_remediation_blueprint.toml b/tests/API/XCCDF/unittests/test_remediation_blueprint.toml index e189adca9d..0ac5bc5b4c 100644 --- a/tests/API/XCCDF/unittests/test_remediation_blueprint.toml +++ b/tests/API/XCCDF/unittests/test_remediation_blueprint.toml @@ -19,9 +19,16 @@ # ############################################################################### -name = "xccdf_moc.elpmaxe.www_profile_common" +name = "hardened_xccdf_moc.elpmaxe.www_profile_common" description = "Profile title on one line" version = "1.0" + +[customizations.openscap] +profile_id = "xccdf_moc.elpmaxe.www_profile_common" +# If your hardening data stream is not part of the 'scap-security-guide' package +# provide the absolute path to it (from the root of the image filesystem). +# datastream = "/usr/share/xml/scap/ssg/content/ssg-xxxxx-ds.xml" + distro = rhel-80 [[packages]]