Blame SOURCES/scap-security-guide-0.1.41-install-dracut-fips.patch

28bffe
diff --git a/rhel7/fixes/anaconda/grub2_enable_fips_mode.anaconda b/rhel7/fixes/anaconda/grub2_enable_fips_mode.anaconda
28bffe
new file mode 100644
28bffe
index 0000000..99693f6
28bffe
--- /dev/null
28bffe
+++ b/rhel7/fixes/anaconda/grub2_enable_fips_mode.anaconda
28bffe
@@ -0,0 +1,3 @@
28bffe
+# platform = Red Hat Enterprise Linux 7
28bffe
+
28bffe
+package --add=dracut-fips
28bffe
diff --git a/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode.rule b/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode.rule
28bffe
index ac89c4e8ac..4f70107829 100644
28bffe
--- a/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode.rule
28bffe
+++ b/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode.rule
28bffe
@@ -5,8 +5,9 @@ prodtype: rhel7
28bffe
 title: 'Enable FIPS Mode in GRUB2'
28bffe
 
28bffe
 description: |-
28bffe
-    To ensure FIPS mode is enabled, rebuild <tt>initramfs</tt> by running the following command:
28bffe
-    
dracut -f
28bffe
+    To ensure FIPS mode is enabled, install package <tt>dracut-fips</tt>, and rebuild <tt>initramfs</tt> by running the following commands:
28bffe
+    
{{{ package_install("dracut-fips") }}}
28bffe
+    dracut -f
28bffe
     After the <tt>dracut</tt> command has been run, add the argument <tt>fips=1</tt> to the default
28bffe
     GRUB 2 command line for the Linux operating system in
28bffe
     <tt>/etc/default/grub</tt>, in the manner below:
28bffe
diff --git a/shared/macros-highlevel.jinja b/shared/macros-highlevel.jinja
28bffe
index 722f15fd2a..d1dba54154 100644
28bffe
--- a/shared/macros-highlevel.jinja
28bffe
+++ b/shared/macros-highlevel.jinja
28bffe
@@ -19,31 +19,39 @@
28bffe
     {{%- endif -%}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
-
28bffe
 {{%- macro describe_package_install(package) -%}}
28bffe
+    The {{{ package }}} package can be installed with the following command:
28bffe
+    
{{{ package_install(package) }}}
28bffe
+{{%- endmacro %}}
28bffe
+
28bffe
+{{%- macro package_install(package) -%}}
28bffe
     {{%- if pkg_manager == "apt_get" -%}}
28bffe
-        {{{ apt_get_describe_package_install(package) }}}
28bffe
+        {{{ apt_get_package_install(package) }}}
28bffe
     {{%- elif pkg_manager == "zypper" -%}}
28bffe
-        {{{ zypper_describe_package_install(package) }}}
28bffe
+        {{{ zypper_package_install(package) }}}
28bffe
     {{%- elif pkg_manager == "yum" -%}}
28bffe
-        {{{ yum_describe_package_install(package) }}}
28bffe
+        {{{ yum_package_install(package) }}}
28bffe
     {{%- elif pkg_manager == "dnf" -%}}
28bffe
-        {{{ dnf_describe_package_install(package) }}}
28bffe
+        {{{ dnf_package_install(package) }}}
28bffe
     {{%- else %}}
28bffe
         JINJA MACRO ERROR: Unknown package manager '{{{ pkg_manager }}}'.
28bffe
     {{%- endif -%}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
-
28bffe
 {{%- macro describe_package_remove(package) -%}}
28bffe
+    The {{{ package }}} package can be removed with the following command:
28bffe
+    
{{{ package_remove(package) }}}
28bffe
+{{%- endmacro %}}
28bffe
+
28bffe
+{{%- macro package_remove(package) -%}}
28bffe
     {{%- if pkg_manager == "apt_get" -%}}
28bffe
-        {{{ apt_get_describe_package_remove(package) }}}
28bffe
+        {{{ apt_get_package_remove(package) }}}
28bffe
     {{%- elif pkg_manager == "zypper" -%}}
28bffe
-        {{{ zypper_describe_package_remove(package) }}}
28bffe
+        {{{ zypper_package_remove(package) }}}
28bffe
     {{%- elif pkg_manager == "yum" -%}}
28bffe
-        {{{ yum_describe_package_remove(package) }}}
28bffe
+        {{{ yum_package_remove(package) }}}
28bffe
     {{%- elif pkg_manager == "dnf" -%}}
28bffe
-        {{{ dnf_describe_package_remove(package) }}}
28bffe
+        {{{ dnf_package_remove(package) }}}
28bffe
     {{%- else %}}
28bffe
         JINJA MACRO ERROR: Unknown package manager '{{{ pkg_manager }}}'.
28bffe
     {{%- endif -%}}
28bffe
diff --git a/shared/macros.jinja b/shared/macros.jinja
28bffe
index 2d93808ed2..e2b46e9a44 100644
28bffe
--- a/shared/macros.jinja
28bffe
+++ b/shared/macros.jinja
28bffe
@@ -395,51 +395,43 @@ ocil_clause: "{{{ sebool }}} is not enabled"
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
 
28bffe
-{{%- macro apt_get_describe_package_install(package) %}}
28bffe
-    The {{{ package }}} package can be installed with the following command:
28bffe
-    
$ apt-get install {{{ package }}}
28bffe
+{{%- macro apt_get_package_install(package) %}}
28bffe
+    $ apt-get install {{{ package }}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
 
28bffe
-{{%- macro apt_get_describe_package_remove(package) %}}
28bffe
-    The {{{ package }}} package can be removed with the following command:
28bffe
-    
$ apt-get remove {{{ package }}}
28bffe
+{{%- macro apt_get_package_remove(package) %}}
28bffe
+    $ apt-get remove {{{ package }}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
 
28bffe
-{{%- macro dnf_describe_package_install(package) %}}
28bffe
-    The {{{ package }}} package can be installed with the following command:
28bffe
-    
$ sudo dnf install {{{ package }}}
28bffe
+{{%- macro dnf_package_install(package) %}}
28bffe
+    $ sudo dnf install {{{ package }}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
 
28bffe
-{{%- macro dnf_describe_package_remove(package) %}}
28bffe
-    The {{{ package }}} package can be removed with the following command:
28bffe
-    
$ sudo dnf erase {{{ package }}}
28bffe
+{{%- macro dnf_package_remove(package) %}}
28bffe
+    $ sudo dnf erase {{{ package }}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
 
28bffe
-{{%- macro yum_describe_package_install(package) %}}
28bffe
-    The {{{ package }}} package can be installed with the following command:
28bffe
-    
$ sudo yum install {{{ package }}}
28bffe
+{{%- macro yum_package_install(package) %}}
28bffe
+    $ sudo yum install {{{ package }}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
 
28bffe
-{{%- macro yum_describe_package_remove(package) %}}
28bffe
-    The {{{ package }}} package can be removed with the following command:
28bffe
-    
$ sudo yum erase {{{ package }}}
28bffe
+{{%- macro yum_package_remove(package) %}}
28bffe
+    $ sudo yum erase {{{ package }}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
 
28bffe
-{{%- macro zypper_describe_package_install(package) %}}
28bffe
-    The {{{ package }}} package can be installed with the following command:
28bffe
-    
$ sudo zypper install {{{ package }}}
28bffe
+{{%- macro zypper_package_install(package) %}}
28bffe
+    $ sudo zypper install {{{ package }}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe
 
28bffe
-{{%- macro zypper_describe_package_remove(package) %}}
28bffe
-    The {{{ package }}} package can be removed with the following command:
28bffe
-    
$ sudo zypper remove {{{ package }}}
28bffe
+{{%- macro zypper_package_remove(package) %}}
28bffe
+    $ sudo zypper remove {{{ package }}}
28bffe
 {{%- endmacro %}}
28bffe
 
28bffe