Merge pull request ComplianceAsCode#11362 from Mab879/fix_11359_11360

Enable Rules For OSBuild
rumch-se · Dec 13, 2023 · 550d2a5 · 550d2a5
2 parents 4db8089 + 1dd5fd4
commit 550d2a5
Show file tree

Hide file tree

Showing 6 changed files with 4 additions and 10 deletions.
diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml
@@ -36,4 +36,4 @@ ocil: |-
   The output should return the following uncommented:
   <pre>session    required     pam_namespace.so</pre>
 
-platform: package[pam] and not osbuild
+platform: package[pam]
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/bash/shared.sh
@@ -1,4 +1,3 @@
-#!/bin/bash
 # platform = multi_platform_all
 
 # shellcheck disable=SC2174

diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/rule.yml
@@ -9,15 +9,13 @@ description: |-
   Then, add the following entry to <tt>/etc/security/namespace.conf</tt>:
   <pre>/tmp     /tmp/tmp-inst/            level      root,adm</pre>
 
-rationale: |- 
+rationale: |-
   Polyinstantiation of temporary directories is a proactive security measure
   which reduces chances of attacks that are made possible by /tmp
   directories being world-writable.
 
 severity: low
 
-platform: not osbuild
-
 identifiers:
   cce@rhel7: CCE-83731-0
   cce@rhel8: CCE-83732-8

diff --git a/...s/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/bash/shared.sh b/...s/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/bash/shared.sh
@@ -1,4 +1,3 @@
-#!/bin/bash
 # platform = multi_platform_all
 
 # shellcheck disable=SC2174

diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/rule.yml
@@ -9,15 +9,13 @@ description: |-
   Then, add the following entry to <tt>/etc/security/namespace.conf</tt>:
   <pre>/var/tmp /var/tmp/tmp-inst/    level      root,adm</pre>
 
-rationale: |- 
+rationale: |-
   Polyinstantiation of temporary directories is a proactive security measure
   which reduces chances of attacks that are made possible by /var/tmp
   directories being world-writable.
 
 severity: low
 
-platform: not osbuild
-
 identifiers:
   cce@rhel7: CCE-83777-3
   cce@rhel8: CCE-83778-1

diff --git a/linux_os/guide/system/selinux/selinux-booleans/group.yml b/linux_os/guide/system/selinux/selinux-booleans/group.yml
@@ -2,7 +2,7 @@ documentation_complete: true
 
 title: 'SELinux - Booleans'
 
-platform: not osbuild and selinux
+platform: selinux
 
 description: |-
     Enable or Disable runtime customization of SELinux system policies