rpms / scap-security-guide

Clone
Source Code
GIT

Files

  1.   889f2b583f8e6c5f14571e0d693652afe8844c45
  2.   SOURCES
  3.   scap-security-guide-0.1.58-add_missing_unit_test_playbook-PR_7431.patch
Blob Blame History Raw 
From 86dad83f4e6c5b823882ec736d27410570f5b69a Mon Sep 17 00:00:00 2001
From: Watson Sato <wsato@redhat.com>
Date: Fri, 20 Aug 2021 16:03:33 +0200
Subject: [PATCH] Add missing unit test playbook

The playbook is used on
test-function-check_playbook_file_removed_and_added
---
 .../file_block_removed_and_not_added.yml      | 62 +++++++++++++++++++
 1 file changed, 62 insertions(+)
 create mode 100644 tests/ansible_file_removed_and_added/file_block_removed_and_not_added.yml

diff --git a/tests/ansible_file_removed_and_added/file_block_removed_and_not_added.yml b/tests/ansible_file_removed_and_added/file_block_removed_and_not_added.yml
new file mode 100644
index 0000000000..8391d1bc99
--- /dev/null
+++ b/tests/ansible_file_removed_and_added/file_block_removed_and_not_added.yml
@@ -0,0 +1,62 @@
+---
+
+- hosts: all
+  vars:
+    var_system_crypto_policy: !!str FUTURE
+    var_sudo_logfile: !!str /var/log/sudo.log
+
+  tasks:
+    - name: Modify the System Login Banner - add correct banner
+      lineinfile:
+        dest: /etc/issue
+        line: '{{ login_banner_text | regex_replace("^\^(.*)\$$", "\1") | regex_replace("^\((.*)\|.*\)$",
+          "\1") | regex_replace("\[\\s\\n\]\+"," ") | regex_replace("\(\?:\[\\n\]\+\|\(\?:\\\\n\)\+\)",
+          "\n") | regex_replace("\\", "") | wordwrap() }}'
+        create: true
+      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
+      tags:
+        - banner_etc_issue
+        - low_complexity
+        - medium_disruption
+        - medium_severity
+        - no_reboot_needed
+        - unknown_strategy
+
+    - name: Test for existence /etc/issue
+      stat:
+        path: /etc/issue
+      register: file_exists
+      tags:
+        - configure_strategy
+        - file_permissions_etc_issue
+        - low_complexity
+        - low_disruption
+        - medium_severity
+        - no_reboot_needed
+
+    - name: Ensure permission 0644 on /etc/issue
+      file:
+        path: /etc/issue
+        mode: '0644'
+      when: file_exists.stat is defined and file_exists.stat.exists
+      tags:
+        - configure_strategy
+        - file_permissions_etc_issue
+        - low_complexity
+        - low_disruption
+        - medium_severity
+        - no_reboot_needed
+
+    - block:
+        - name: Remove Rsh Trust Files
+          file:
+            path: '/root/shosts.equiv'
+            state: absent
+      tags:
+        - high_severity
+        - low_complexity
+        - low_disruption
+        - no_reboot_needed
+        - no_rsh_trust_files
+        - restrict_strategy
+

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation