Ensure default fapolicyd rules are present #485

ferricoxide · 2024-03-07T14:33:14Z

Running newer versions of ocap in remediation-mode will horribly break a system if one doesn't ensure that suitable fapolicyd rule-files are present when oscap enables "default-deny" mode. This modification necessary to due some questionable logical-assumptions in Red Hat's installation-routines for the fapolicyd RPM.

Closes #484

Running newer versions of `ocap` in remediation-mode will horribly break a system if one doesn't ensure that suitable fapolicyd rule-files are present when `oscap` enables "default-deny" mode. This modification necessary to do some questionable logical-assumptions in Red Hat's installation-routines for the fapolicyd RPM

ferricoxide added 2 commits March 7, 2024 09:24

Fix path in helperLoc declaration

9df3e87

lorengordon approved these changes Mar 7, 2024

View reviewed changes

ferricoxide merged commit a0601bf into plus3it:master Mar 7, 2024
10 checks passed

ferricoxide deleted the Issue_484 branch March 7, 2024 16:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ensure default fapolicyd rules are present #485

Ensure default fapolicyd rules are present #485

ferricoxide commented Mar 7, 2024 •

edited

Loading

Ensure default fapolicyd rules are present #485

Ensure default fapolicyd rules are present #485

Conversation

ferricoxide commented Mar 7, 2024 • edited Loading

ferricoxide commented Mar 7, 2024 •

edited

Loading