Include fedora product in the macro conditional for sssd_enable_smart…

…cards
ComplianceAsCode · Jul 15, 2022 · 18800cb · 18800cb
1 parent 91197be
commit 18800cb
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 7 deletions.
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml
@@ -34,7 +34,7 @@
     create: yes
     mode: 0600
 
-{{% if product in ["ol8", "rhel8", "rhel9"] %}}
+{{% if product in ["fedora", "ol8", "rhel8", "rhel9"] %}}
 - name: '{{{ rule_title }}} - Check if system relies on authselect'
   ansible.builtin.stat:
     path: /usr/bin/authselect

diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh
@@ -6,7 +6,7 @@
 
 {{{ bash_ensure_ini_config("/etc/sssd/sssd.conf", "pam", "pam_cert_auth", "True") }}}
 
-{{% if product in ["ol8", "rhel8", "rhel9"] %}}
+{{% if product in ["fedora", "ol8", "rhel8", "rhel9"] %}}
 if [ -f /usr/bin/authselect ]; then
     if authselect check; then
         {{{ bash_enable_authselect_feature('with-smartcard') | indent(8) }}}

diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
@@ -5,7 +5,7 @@
     <criteria operator="AND">
       <criterion comment="Check pam_cert_auth in /etc/sssd/sssd.conf"
                  test_ref="test_sssd_enable_smartcards"/>
-      {{% if product in ["ol8", "rhel8", "rhel9"] %}}
+      {{% if product in ["fedora", "ol8", "rhel8", "rhel9"] %}}
       <criterion comment="Check allow_missing_name in /etc/pam.d/smartcard-auth"
                  test_ref="test_sssd_enable_smartcards_allow_missing_name_smartcard_auth"/>
       <criterion comment="Check try_cert_auth or require_cert_auth in /etc/pam.d/system-auth"
@@ -25,7 +25,7 @@
     <ind:instance datatype="int">1</ind:instance>
   </ind:textfilecontent54_object>
 
-  {{% if product in ["ol8", "rhel8", "rhel9"] %}}
+  {{% if product in ["fedora", "ol8", "rhel8", "rhel9"] %}}
   <ind:textfilecontent54_test check="all" check_existence="all_exist"
   comment="tests the presence of try_cert_auth or require_cert_auth in /etc/pam.d/smartcard-auth"
   id="test_sssd_enable_smartcards_allow_missing_name_smartcard_auth" version="2">

diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
@@ -11,7 +11,7 @@ description: |-
     <pre>[pam]
     pam_cert_auth = True
     </pre>
-    {{% if product in ["ol8", "rhel8", "rhel9"] %}}
+    {{% if product in ["fedora", "ol8", "rhel8", "rhel9"] %}}
     Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include
     "try_cert_auth" or "require_cert_auth" option, like in the following example:
     <pre>
@@ -61,7 +61,7 @@ ocil: |-
     If configured properly, output should be
     <pre>pam_cert_auth = True</pre>
 
-    {{% if product in ["ol8", "rhel8", "rhel9"] %}}
+    {{% if product in ["fedora", "ol8", "rhel8", "rhel9"] %}}
     To verify that smart cards are enabled in PAM files, run the following command:
     <pre>$ sudo grep -e "auth.*pam_sss.so.*\(allow_missing_name\|try_cert_auth\)" /etc/pam.d/smartcard-auth /etc/pam.d/system-auth</pre>
     If configured properly, output should be
@@ -76,7 +76,7 @@ fixtext: |-
 
     pam_cert_auth = True
 
-    {{% if product in ["ol8", "rhel8", "rhel9"] %}}
+    {{% if product in ["fedora", "ol8", "rhel8", "rhel9"] %}}
     Enable the <tt>with-smartcard</tt> feature using the <tt>authselect</tt> command:
     sudo authselect enable-feature with-smartcard
     sudo authselect apply-changes -b