From d1e2c3c84bee6dc81fc8ee37d9ef9013548a51ec Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Mat=C4=9Bj=20T=C3=BD=C4=8D?= <matyc@redhat.com>

Date: Mon, 12 Oct 2020 16:05:49 +0200

Subject: [PATCH 1/2] Update prodtypes of rules that have their OVAL reused.

---

 .../smart_card_login/install_smartcard_packages/rule.yml        | 2 +-

 .../mcafee_hbss_software/package_MFEhiplsm_installed/rule.yml   | 2 +-

 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml

index 1747b7901a..8bb91bd3e4 100644

--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml

+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml

@@ -1,6 +1,6 @@

 documentation_complete: true

-prodtype: ol7,rhel7

+prodtype: fedora,ol7,rhel7

 title: 'Install Smart Card Packages For Multifactor Authentication'

diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/package_MFEhiplsm_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/package_MFEhiplsm_installed/rule.yml

index 00e5f12873..c4448df036 100644

--- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/package_MFEhiplsm_installed/rule.yml

+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/package_MFEhiplsm_installed/rule.yml

@@ -1,6 +1,6 @@

 documentation_complete: true

-prodtype: fedora,rhel6,rhel7,rhel8,rhv4

+prodtype: fedora,rhcos4,rhel6,rhel7,rhel8,rhv4

 title: 'Install the Host Intrusion Prevention System (HIPS) Module'

From 1602513bf9f1dacc7ca75898779c05ad92f4cb6a Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Mat=C4=9Bj=20T=C3=BD=C4=8D?= <matyc@redhat.com>

Date: Tue, 13 Oct 2020 10:44:10 +0200

Subject: [PATCH 2/2] Fixed the referenced check ID.

The pkcs package check used to exist separatly from existing rules,

but now it exists only as OVAL of install_smartcard_packages.

---

 .../smart_card_login/smartcard_auth/oval/shared.xml             | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_auth/oval/shared.xml

index f1b620056f..b61a2473ad 100644

--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_auth/oval/shared.xml

+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_auth/oval/shared.xml

@@ -2,7 +2,7 @@

   <definition class="compliance" id="smartcard_auth" version="3">

     {{{ oval_metadata("Enable Smart Card logins") }}}

     <criteria comment="smart card authentication is configured" operator="AND">

-      <extend_definition comment="pam_pkcs11 package is installed" definition_ref="package_pam_pkcs11_installed" />

+      <extend_definition comment="packages needed for smartcard support are installed" definition_ref="install_smartcard_packages" />

       <extend_definition comment="pcscd service is enabled" definition_ref="service_pcscd_enabled" />

       <criteria operator="OR">

         <extend_definition comment="esc package is installed" definition_ref="package_esc_installed" />