From 92b0f4069bced7d9e1e459db0799d7d2fb9faa59 Mon Sep 17 00:00:00 2001
From: Gabriel Becker <ggasparb@redhat.com>
Date: Wed, 9 Feb 2022 14:47:52 +0100
Subject: [PATCH] Update ocil_clause of encrypt_partitions to exclude boot
partition.
Boot partitions are not part of required partitions to be encrypted.
---
.../software/disk_partitioning/encrypt_partitions/rule.yml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
index e9d25a34fbd..13231dc2cc9 100644
--- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
@@ -90,6 +90,7 @@ ocil: |-
/dev/sda2: UUID=" bc98d7ef-6g54-321h-1d24-9870de2ge1a2
" TYPE="crypto_LUKS"</pre>
<br /><br />
- Pseudo-file systems, such as /proc, /sys, and tmpfs, are not required to use disk encryption and are not a finding.
+ The boot partition and pseudo-file systems, such as /proc, /sys, and tmpfs,
+ are not required to use disk encryption and are not a finding.
platform: machine