Update rsyslog_cron_logging for bootable containers

ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats

https://complianceascode.readthedocs.io/en/latest/

Other

2.22k stars 698 forks source link

Update rsyslog_cron_logging for bootable containers #12575

Closed matusmarhefka closed 2 weeks ago

matusmarhefka commented 2 weeks ago

Remediation of the rule rsyslog_cron_logging calls systemctl reload which doesn't work in the bootable container build environment and so we use the bash_not_bootc_build macro to not run it there.

github-actions[bot] commented 2 weeks ago

Start a new ephemeral environment with changes proposed in this pull request:

rhel8 (from CTF) Environment (using Fedora as testing environment)

Fedora Testing Environment

Oracle Linux 8 Environment

github-actions[bot] commented 2 weeks ago

This datastream diff is auto generated by the check Compare DS/Generate Diff

Click here to see the full diff

```diff bash remediation for rule 'xccdf_org.ssgproject.content_rule_rsyslog_cron_logging' differs. --- xccdf_org.ssgproject.content_rule_rsyslog_cron_logging +++ xccdf_org.ssgproject.content_rule_rsyslog_cron_logging @@ -6,7 +6,9 @@ echo "cron.* /var/log/cron" >> /etc/rsyslog.d/cron.conf fi -systemctl restart rsyslog.service +if [[ "$OSCAP_BOOTC_BUILD" != "YES" ]] ; then + systemctl restart rsyslog.service +fi else >&2 echo 'Remediation is not applicable, nothing was done' ```

codeclimate[bot] commented 2 weeks ago

Code Climate has analyzed commit 9c310a39 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 60.9% (0.0% change).

View more on Code Climate.