From 3246c15bac24b456461e007fcee5bf937a2de54e Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 31 Jan 2023 11:24:29 +0100 Subject: [PATCH 1/6] add OVAL inventory check checking if installed system is OL --- shared/checks/oval/installed_os_is_ol.xml | 24 +++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 shared/checks/oval/installed_os_is_ol.xml diff --git a/shared/checks/oval/installed_os_is_ol.xml b/shared/checks/oval/installed_os_is_ol.xml new file mode 100644 index 00000000000..239d1976bc7 --- /dev/null +++ b/shared/checks/oval/installed_os_is_ol.xml @@ -0,0 +1,24 @@ + + + + {{{ oval_metadata("Installed OS is ol", affected_platforms=["multi_platform_all"]) }}} + + + + + + + + + + + /etc/os-release + ^ID=["']?(\w+)["']?$ + 1 + + + ol + + + From 8fc02b5576eee04d371bcda137bcc6b0c0d2d550 Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 31 Jan 2023 11:25:19 +0100 Subject: [PATCH 2/6] add new platform and OVAL check checking if RHEL >= 9.0 --- .../applicability/rhel_greater_equal_9_0.yml | 4 +++ .../checks/oval/rhel9_greater_equal_9_0.xml | 26 +++++++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 shared/applicability/rhel_greater_equal_9_0.yml create mode 100644 shared/checks/oval/rhel9_greater_equal_9_0.xml diff --git a/shared/applicability/rhel_greater_equal_9_0.yml b/shared/applicability/rhel_greater_equal_9_0.yml new file mode 100644 index 00000000000..f1f1358c11e --- /dev/null +++ b/shared/applicability/rhel_greater_equal_9_0.yml @@ -0,0 +1,4 @@ +name: "cpe:/o:rhel:ge:9:0" +title: "Operating System is RHEL and version is greater than or equal to 9.0" +check_id: rhel9_greater_equal_9_0 +ansible_conditional: ansible_distribution == "RedHat" and ansible_distribution_version is version("9.0", ">=") diff --git a/shared/checks/oval/rhel9_greater_equal_9_0.xml b/shared/checks/oval/rhel9_greater_equal_9_0.xml new file mode 100644 index 00000000000..ac6f659d60a --- /dev/null +++ b/shared/checks/oval/rhel9_greater_equal_9_0.xml @@ -0,0 +1,26 @@ + + + + {{{ oval_metadata("RHEL version greater or equal to 9.0", affected_platforms=["multi_platform_all"]) }}} + + + + + + + + + + + + /etc/os-release + ^VERSION_ID=["']?([\d\.]+)["']?$ + 1 + + + 9.0 + + + From e515a86e792f35f932addd0da5d860666f88e317 Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 31 Jan 2023 11:26:00 +0100 Subject: [PATCH 3/6] add new platform and OVAL check checking if RHEL <= 8.4 --- shared/applicability/rhel_less_equal_8_4.yml | 4 +++ shared/checks/oval/rhel8_less_equal_8_4.xml | 26 ++++++++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 shared/applicability/rhel_less_equal_8_4.yml create mode 100644 shared/checks/oval/rhel8_less_equal_8_4.xml diff --git a/shared/applicability/rhel_less_equal_8_4.yml b/shared/applicability/rhel_less_equal_8_4.yml new file mode 100644 index 00000000000..c3e61af8d2a --- /dev/null +++ b/shared/applicability/rhel_less_equal_8_4.yml @@ -0,0 +1,4 @@ +name: "cpe:/o:rhel:le:8:4" +title: "Operating System is RHEL and version is less than or equal to 8.4" +check_id: rhel8_less_equal_8_4 +ansible_conditional: ansible_distribution == "RedHat" and ansible_distribution_version is version("8.4", "<=") diff --git a/shared/checks/oval/rhel8_less_equal_8_4.xml b/shared/checks/oval/rhel8_less_equal_8_4.xml new file mode 100644 index 00000000000..69c6cfc602f --- /dev/null +++ b/shared/checks/oval/rhel8_less_equal_8_4.xml @@ -0,0 +1,26 @@ + + + + {{{ oval_metadata("RHEL version less or equal to 8.4", affected_platforms=["multi_platform_all"]) }}} + + + + + + + + + + + + /etc/os-release + ^VERSION_ID=["']?([\d\.]+)["']?$ + 1 + + + 8.4 + + + From 9b8e05bd5fe56273ed6bcc48fe2679098b9c7e45 Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 31 Jan 2023 11:26:36 +0100 Subject: [PATCH 4/6] add new platform and OVAL check checking if OL >= 9.0 --- shared/applicability/ol_greater_equal_9_0.yml | 4 +++ shared/checks/oval/ol9_greater_equal_9_0.xml | 26 +++++++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 shared/applicability/ol_greater_equal_9_0.yml create mode 100644 shared/checks/oval/ol9_greater_equal_9_0.xml diff --git a/shared/applicability/ol_greater_equal_9_0.yml b/shared/applicability/ol_greater_equal_9_0.yml new file mode 100644 index 00000000000..f05677ed31f --- /dev/null +++ b/shared/applicability/ol_greater_equal_9_0.yml @@ -0,0 +1,4 @@ +name: "cpe:/o:ol:ge:9:0" +title: "Operating System is OL and version is greater than or equal to 9.0" +check_id: ol9_greater_equal_9_0 +ansible_conditional: ansible_distribution == "OracleLinux" and ansible_distribution_version is version("9.0", ">=") diff --git a/shared/checks/oval/ol9_greater_equal_9_0.xml b/shared/checks/oval/ol9_greater_equal_9_0.xml new file mode 100644 index 00000000000..083d50e84fe --- /dev/null +++ b/shared/checks/oval/ol9_greater_equal_9_0.xml @@ -0,0 +1,26 @@ + + + + {{{ oval_metadata("ol version greater or equal to 9.0", affected_platforms=["multi_platform_all"]) }}} + + + + + + + + + + + + /etc/os-release + ^VERSION_ID=["']?([\d\.]+)["']?$ + 1 + + + 9.0 + + + From 352082daeced178c2beb22f1f3c6115ab5d3e52e Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 31 Jan 2023 11:26:58 +0100 Subject: [PATCH 5/6] change applicability of rule package_rear_installed the rule is not applicable if: - architecture is S390x and RHEL is <= 8.4 - architecture is aarch64 and RHEL or OL >= 9.0 --- .../software/system-tools/package_rear_installed/rule.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml index 9434b10f1d5..4613895202b 100644 --- a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml @@ -22,12 +22,9 @@ ocil_clause: 'the package is not installed' ocil: '{{{ ocil_package(package="rear") }}}' -# The package is not available for s309x on RHEL<8.5 -# platform: not_s390x_arch -{{%- if product in ["ol9", "rhel9"] %}} -platform: not_aarch64_arch -{{%- endif %}} +platforms: + - not ((s390x_arch and rhel_less_equal_8_4) or (rhel_greater_equal_9_0 and aarch64_arch) or (ol_greater_equal_9_0 and aarch64_arch)) template: name: package_installed From 4d47f60b4cc62359bfbe195f2f4435f4e77b7135 Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 31 Jan 2023 12:55:26 +0100 Subject: [PATCH 6/6] fix capitalization of "ol" and "os" change it in OVAL descriptions rename the file so taht OS is in capital --- .../oval/{installed_os_is_ol.xml => installed_OS_is_ol.xml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename shared/checks/oval/{installed_os_is_ol.xml => installed_OS_is_ol.xml} (92%) diff --git a/shared/checks/oval/installed_os_is_ol.xml b/shared/checks/oval/installed_OS_is_ol.xml similarity index 92% rename from shared/checks/oval/installed_os_is_ol.xml rename to shared/checks/oval/installed_OS_is_ol.xml index 239d1976bc7..c28af44affc 100644 --- a/shared/checks/oval/installed_os_is_ol.xml +++ b/shared/checks/oval/installed_OS_is_ol.xml @@ -1,9 +1,9 @@ - {{{ oval_metadata("Installed OS is ol", affected_platforms=["multi_platform_all"]) }}} + {{{ oval_metadata("Installed OS is OL", affected_platforms=["multi_platform_all"]) }}} -