search

puppetlabs / sce_issues

This repository will allow public community members to file bug reports against the SCE modules
2 stars 0 forks source link

RHEL8 STIG control V-230265 sets non-compliant parameter value #4

Closed bzilla closed 5 months ago

bzilla commented 8 months ago

Describe the Bug

The cem_linux::utils::yum::enable_gpgcheck class sets the value of localpkg_gpgcheck to 1 instead of True on RHEL8. This value needs to be parameterized as, on RHEL7, V-204448 requires this to be set to 1 and that matches with the details of the yum.conf(5) man page, but on RHEL8 the documented values are True and False.

Expected Behavior

V-230265 on RHEL8 should set "localpkg_gpgcheck=True" in /etc/yum.conf and /etc/dnf/dnf.conf as per the STIG where that file exists.

Steps to Reproduce

Steps to reproduce the behavior: Apply the "stig" profile to a RHEL8 system and check the status of /etc/yum.conf.

Environment

RHEL8, cem_linux 1.9.1.

github-actions[bot] commented 8 months ago

Migrated issue to CEM-3819

hsnodgrass commented 7 months ago

This has been picked up in our current sprint and will be included in the next cem_linux release.

hsnodgrass commented 5 months ago

This was fixed with the sce_linux v2.0.0 release.