From c7c6c3235697fadc3b5bcb6c03f8c9ee663212dc Mon Sep 17 00:00:00 2001
From: Noah Talerman <noahtal@umich.edu>
Date: Sat, 27 Jan 2024 13:32:54 -0500
Subject: [PATCH] Add linux device health

---
 lib/linux-device-health.policies.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 lib/linux-device-health.policies.yml

diff --git a/lib/linux-device-health.policies.yml b/lib/linux-device-health.policies.yml
new file mode 100644
index 0000000..8b99870
--- /dev/null
+++ b/lib/linux-device-health.policies.yml
@@ -0,0 +1,5 @@
+- name: Linux - Enable disk encryption
+  platform: darwin
+  description: This policy checks if disk encryption is enabled.
+  resolution: As an IT admin, deploy an image that includes disk encryption.
+  query: SELECT 1 FROM disk_encryption WHERE encrypted=1 AND name LIKE '/dev/dm-1';
\ No newline at end of file