search

ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats
https://complianceascode.readthedocs.io/en/latest/
Other
2.18k stars 694 forks source link

Fedora Workstation 40 Remediations #12007

Open edmerrett opened 5 months ago

edmerrett commented 5 months ago

Share the context

I have currently been testing OpenSCAP to enforce a minimum build for linux laptops running Fedora Workstation 30. Using the Fedora CUSP on Fedora 39, nearly all remediations are successful. However since upgrading and testing on Fedora 40, many of the remediations show ERROR rather than actually fixing the issue.

Description of problem:

I am running Fedora Workstation 39 & 40 on Apple M2 via VM Fusion. When running openscap with --remediate using the Fedora CUSP profile, many of the remediation show ERROR.

Proposed change:

Review the output remediation steps and create a profile for Fedora workstation 40 that successful remediates issues.

Mab879 commented 2 months ago

Thanks for filling this issue.

It looks there are few changes will be needed due to some changes made in F40. One of which is the authselect profile see Fedora Magizne for details.

PRs are welcome.