WIP Rules

ComplianceAsCode · Feb 6, 2024 · 380644e · 380644e
1 parent afaaaa5
commit 380644e
Show file tree

Hide file tree

Showing 7 changed files with 7 additions and 11 deletions.
diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_configure_firewall/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_configure_firewall/rule.yml
@@ -21,7 +21,7 @@ description: |-
 rationale: |-
     These settings configure the firewall to allow connections to an FTP server.
 
-    {{% if prodtype != "rhel7" %}}
+    {{% if product != "rhel7" %}}
     The first line allows initial connections to the FTP server port.
     FTP is an older protocol which is not very compatible with firewalls. During the initial FTP dialogue, the client
     and server negotiate an arbitrary port to be used for data transfer. The <tt>ip_conntrack_ftp</tt>  module is used by

diff --git a/linux_os/guide/services/ntp/service_ntp_enabled/rule.yml b/linux_os/guide/services/ntp/service_ntp_enabled/rule.yml
@@ -49,10 +49,10 @@ template:
     vars:
         servicename: ntp
 
-{{% if prodtype in ["rhel7", "rhel8", "rhel9", "sle15"] %}}
+{{% if product in ["rhel7", "rhel8", "rhel9", "sle15"] %}}
 warnings:
     - general:
-        {{% if prodtype == "rhel7" %}}
+        {{% if product == "rhel7" %}}
         The <pre>ntp.service</pre> Systemd unit is not available in {{{
         full_name }}}. <pre>ntpd.service</pre> should be used instead together with the respective <pre>service_ntpd_enabled</pre> rule..
         {{% else %}}

diff --git a/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml b/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml
@@ -50,7 +50,7 @@ template:
 
 platform: package[ntp]
 
-{{% if prodtype in ["rhel8", "rhel9", "sle15"] %}}
+{{% if product in ["rhel8", "rhel9", "sle15"] %}}
 warnings:
     - general:
         The <pre>ntp</pre> package is not available in {{{ full_name }}}. Please

diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml
@@ -1,7 +1,6 @@
 documentation_complete: true
 
 # applicable only to products that ship OpenSSH<8.2
-# prodtypes: ???
 
 title: 'Set SSH Client Alive Count Max to zero'
 

diff --git a/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml b/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml
@@ -34,9 +34,9 @@ template:
         pkgname@ubuntu1804: audispd-plugins
         pkgname@ubuntu2004: audispd-plugins
 
-{{% if prodtype in ["rhel7", "rhel8", "rhel9"] %}}
+{{% if product in ["rhel7", "rhel8", "rhel9"] %}}
 warnings:
     - general:
-        This package is not available in {{{ full_name }}}. The correct package
-        is called <pre>audispd-plugins</pre>. The rule <pre> is suggested as a replacement.
+        This package is not available in {{{ full_name }}} [{{{ product }}}]. The correct package
+        is called <pre>audispd-plugins</pre>.
 {{% endif %}}
diff --git a/linux_os/guide/system/software/sudo/sudoers_no_root_target/rule.yml b/linux_os/guide/system/software/sudo/sudoers_no_root_target/rule.yml
@@ -1,7 +1,5 @@
 documentation_complete: true
 
-# Set prodtypes if needed, otherwise let the rule to be applicable for all products by omitting the prodtype declaration
-
 title: "Don't target root user in the sudoers file"
 
 description: |-

diff --git a/tests/ssg_test_suite/common.py b/tests/ssg_test_suite/common.py
@@ -20,7 +20,6 @@
 from ssg.jinja import process_file_with_macros
 from ssg.products import product_yaml_path, load_product_yaml
 from ssg.rules import get_rule_dir_yaml, is_rule_dir
-from ssg.rule_yaml import parse_prodtype
 from ssg.utils import mkdir_p
 from ssg_test_suite.log import LogHelper