My organization saves our desired mSCP "override default values" in the custom folder within our fork of the mSCP project. For example, we have a file at custom/rules/system_settings_screensaver_ask_for_password_delay_enforce.yaml with the following contents:
odv:
custom: 0
We also have defined some custom rules that offer extra flexibility that allows us to apply the same baseline to multiple OS versions. For example we have a file at custom/rules/system_settings_ssh_disable.yaml with the following contents:
comment: |
Differs from upstream mSCP check: Output changed from `true` to `disabled` a recent OS upgrade.
This customized check treats either value as compliant.
check: |
/bin/launchctl print-disabled system | /usr/bin/grep -Ec '"com.openssh.sshd" => (disabled|true)'
Upon launching Jamf Compliance editor and pointing it to our local clone of the mSCP project, the entire contents of the custom folder are deleted (as shown by Git staged changes). In order to restore the desired ODVs, we must click Edit, Show, and Done for each individual customized control in JCE, which is a tedious process.
I'm open to being persuaded that I'm using the custom folder incorrectly, but the mSCP project wiki seems clear:
The custom directory is used for creating tailored versions of the rules and sections files, to meet an organization’s requirements. The YAML files placed within this folder will take priority when running generate_guidance.py.
Desired enhancement: JCE should parse and apply any customized values in the custom folder, like the parent mSCP project does when running generate_guidance.py. Ideally, those custom values would already appear in the JCE UI and and further edits to those values would update the files in the custom folder.
@homebysix This issue will be addressed in an upcoming release, however you'll have to import the rules through the GUI. This will properly create the custom files. The custom folder in JCE behaves differently.
My organization saves our desired mSCP "override default values" in the
custom
folder within our fork of the mSCP project. For example, we have a file atcustom/rules/system_settings_screensaver_ask_for_password_delay_enforce.yaml
with the following contents:We also have defined some custom rules that offer extra flexibility that allows us to apply the same baseline to multiple OS versions. For example we have a file at
custom/rules/system_settings_ssh_disable.yaml
with the following contents:Upon launching Jamf Compliance editor and pointing it to our local clone of the mSCP project, the entire contents of the
custom
folder are deleted (as shown by Git staged changes). In order to restore the desired ODVs, we must click Edit, Show, and Done for each individual customized control in JCE, which is a tedious process.I'm open to being persuaded that I'm using the
custom
folder incorrectly, but the mSCP project wiki seems clear:Desired enhancement: JCE should parse and apply any customized values in the
custom
folder, like the parent mSCP project does when runninggenerate_guidance.py
. Ideally, those custom values would already appear in the JCE UI and and further edits to those values would update the files in thecustom
folder.