test/cases: Add workaround for oscap firewalld rules
The oscap remediation is failing due to an issue with remediating the firewall loopback traffic. The remediation fails and bails out early resulting in a lower score and causing a regression in the test. This will need to be fixed on the OpenSCAP side, so as a workaround, we can remove this rule from the remediation.
This commit is contained in:
Jakub Rusz
Jakub Rusz
parent
5b19bd6809
commit
c77b73a888
1 changed files with 3 additions and 1 deletions
|
|
@ -362,6 +362,8 @@ clean_up
|
|||
###############################
|
||||
|
||||
# Write a blueprint for hardened image.
|
||||
# TODO: Remove firewalld rules from tailoring once https://github.com/ComplianceAsCode/content/issues/11275 is fixed
|
||||
# COMPOSER-2076 is tracking this workaround
|
||||
tee "${BLUEPRINT_FILE}" > /dev/null << EOF
|
||||
name = "hardened"
|
||||
description = "A hardened OpenSCAP image"
|
||||
|
|
@ -373,7 +375,7 @@ groups = []
|
|||
profile_id = "${PROFILE}"
|
||||
datastream = "${DATASTREAM}"
|
||||
[customizations.openscap.tailoring]
|
||||
unselected = ["grub2_password"]
|
||||
unselected = ["grub2_password", "firewalld_loopback_traffic_restricted", "firewalld_loopback_traffic_trusted"]
|
||||
|
||||
[[customizations.user]]
|
||||
name = "${SSH_USER}"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue