From 380644eb69bb46008993b385411f1ce2a195b6df Mon Sep 17 00:00:00 2001
From: Evgeny Kolesnikov
Date: Tue, 6 Feb 2024 23:17:35 +0100
Subject: [PATCH] WIP Rules

---
 .../ftp_configure_vsftpd/ftp_configure_firewall/rule.yml | 2 +-
 linux_os/guide/services/ntp/service_ntp_enabled/rule.yml | 4 ++--
 linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml | 2 +-
 .../services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml | 1 -
 .../package_audit-audispd-plugins_installed/rule.yml | 6 +++---
 .../system/software/sudo/sudoers_no_root_target/rule.yml | 2 --
 tests/ssg_test_suite/common.py | 1 -
 7 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_configure_firewall/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_configure_firewall/rule.yml
index 24db0f198594..5bbba879d629 100644
--- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_configure_firewall/rule.yml
+++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_configure_firewall/rule.yml
@@ -21,7 +21,7 @@ description: |-
 rationale: |-
 These settings configure the firewall to allow connections to an FTP server.
- {{% if prodtype != "rhel7" %}}
+ {{% if product != "rhel7" %}}
 The first line allows initial connections to the FTP server port. FTP is an older protocol which is not very compatible with firewalls. During the initial FTP dialogue, the client and server negotiate an arbitrary port to be used for data transfer. The ip_conntrack_ftp module is used by
diff --git a/linux_os/guide/services/ntp/service_ntp_enabled/rule.yml b/linux_os/guide/services/ntp/service_ntp_enabled/rule.yml
index b86ae63a3e14..3cbe7b956fc1 100644
--- a/linux_os/guide/services/ntp/service_ntp_enabled/rule.yml
+++ b/linux_os/guide/services/ntp/service_ntp_enabled/rule.yml
@@ -49,10 +49,10 @@ template:
 vars:
 servicename: ntp
-{{% if prodtype in ["rhel7", "rhel8", "rhel9", "sle15"] %}}
+{{% if product in ["rhel7", "rhel8", "rhel9", "sle15"] %}}
 warnings:
 - general:
- {{% if prodtype == "rhel7" %}}
+ {{% if product == "rhel7" %}}
 The
ntp.service
Systemd unit is not available in {{{ full_name }}}.
ntpd.service
should be used instead together with the respective
service_ntpd_enabled
rule.. {{% else %}}
diff --git a/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml b/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml
index 0478d2e5a654..a54c9257bb64 100644
--- a/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml
+++ b/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml
@@ -50,7 +50,7 @@ template:
 platform: package[ntp]
-{{% if prodtype in ["rhel8", "rhel9", "sle15"] %}}
+{{% if product in ["rhel8", "rhel9", "sle15"] %}}
 warnings:
 - general: The
ntp
package is not available in {{{ full_name }}}. Please
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml
index a8ca30212537..40fde9becc23 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml
@@ -1,7 +1,6 @@
 documentation_complete: true
 # applicable only to products that ship OpenSSH<8.2
-# prodtypes: ???
 title: 'Set SSH Client Alive Count Max to zero'
diff --git a/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml b/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml
index 800f854a540a..052deab171c8 100644
--- a/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml
+++ b/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml
@@ -34,9 +34,9 @@ template:
 pkgname@ubuntu1804: audispd-plugins
 pkgname@ubuntu2004: audispd-plugins
-{{% if prodtype in ["rhel7", "rhel8", "rhel9"] %}}
+{{% if product in ["rhel7", "rhel8", "rhel9"] %}}
 warnings:
 - general:
- This package is not available in {{{ full_name }}}. The correct package
- is called
audispd-plugins
. The rule
 is suggested as a replacement.
+        This package is not available in {{{ full_name }}} [{{{ product }}}]. The correct package
+        is called 
audispd-plugins
.
 {{% endif %}}
diff --git a/linux_os/guide/system/software/sudo/sudoers_no_root_target/rule.yml b/linux_os/guide/system/software/sudo/sudoers_no_root_target/rule.yml
index 2bb55b3cd8c8..5e5a4320a768 100644
--- a/linux_os/guide/system/software/sudo/sudoers_no_root_target/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudoers_no_root_target/rule.yml
@@ -1,7 +1,5 @@
 documentation_complete: true
-# Set prodtypes if needed, otherwise let the rule to be applicable for all products by omitting the prodtype declaration
-
 title: "Don't target root user in the sudoers file"
 description: |-
diff --git a/tests/ssg_test_suite/common.py b/tests/ssg_test_suite/common.py
index 01da7f088992..4a81edc58e1b 100644
--- a/tests/ssg_test_suite/common.py
+++ b/tests/ssg_test_suite/common.py
@@ -20,7 +20,6 @@ from ssg.jinja import process_file_with_macros
 from ssg.products import product_yaml_path, load_product_yaml
 from ssg.rules import get_rule_dir_yaml, is_rule_dir
-from ssg.rule_yaml import parse_prodtype
 from ssg.utils import mkdir_p
 from ssg_test_suite.log import LogHelper
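Review bot: The rewritten warning line `+        This package is not available in {{{ full_name }}} [{{{ product }}}]. The correct package` in package_audit-audispd-plugins_installed/rule.yml now prints the product identifier in square brackets inside text that is rendered into the guide, which reads as a debugging marker rather than guidance for the reader; if it was added to check the new `product` variable during the `prodtype` rename, drop it before the patch leaves WIP, leaving `This package is not available in {{{ full_name }}}. The correct package`. The same pair of `+` lines also drops the old sentence naming the rule that is suggested as a replacement, so the warning no longer tells the reader what to apply instead; either restore that pointer or state in the commit message that it was removed on purpose. The `{{% if prodtype ... %}}` to `{{% if product ... %}}` rename is consistent across the other rule.yml hunks in this commit. I cannot see from the diff whether `parse_prodtype` is still referenced elsewhere in tests/ssg_test_suite/common.py once its import is removed, so that is worth checking before merging.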