--- scap-security-guide-0.1.19/RHEL/7/input/system/selinux.xml.orig	2014-09-29 06:19:27.427097200 -0400
+++ scap-security-guide-0.1.19/RHEL/7/input/system/selinux.xml	2014-09-29 06:20:14.703998808 -0400
@@ -117,23 +117,6 @@ targeted for exploitation, such as netwo
 <tested by="DS" on="20121024"/>
 </Rule>
 
-<Rule id="service_restorecond_enabled">
-<title>Enable the SELinux Context Restoration Service (restorecond)</title>
-<description>The <tt>restorecond</tt> service utilizes <tt>inotify</tt> to look
-for the creation of new files listed in the
-<tt>/etc/selinux/restorecond.conf</tt> configuration file. When a file is
-created, <tt>restorecond</tt> ensures the file receives the proper SELinux
-security context.
-<service-enable-macro service="restorecond" />
-</description>
-<rationale>The <tt>restorecond</tt> service helps ensure that the default SELinux
-file context is applied to files. This allows automatic correction
-of file contexts created by some programs.</rationale>
-<ident cce="RHEL7-CCE-TBD" />
-<oval id="service_restorecond_enabled" />
-<ref nist="AC-3,AC-3(3),AC-4,AC-6,AU-9" />
-</Rule>
-
 <Rule id="package_setroubleshoot_removed">
 <title>Uninstall setroubleshoot Package</title>
 <description>The SETroubleshoot service notifies desktop users of SELinux
--- scap-security-guide-0.1.19/RHEL/7/input/fixes/bash/service_restorecond_enabled.sh	2014-09-28 07:55:58.000000000 -0400
+++ /dev/null	2014-09-29 05:45:02.862000000 -0400
@@ -1,9 +0,0 @@
-#
-# Enable restorecond.service for all systemd targets
-#
-systemctl enable restorecond.service
-
-#
-# Start restorecond.service if not currently running
-#
-systemctl start restorecond.service