From 63f543def08986fe5608e623b9e05f76520c660c Mon Sep 17 00:00:00 2001
From: Miha Purg <miha.purg@canonical.com>
Date: Thu, 18 Apr 2024 11:23:43 +0200
Subject: [PATCH] Modify Ubuntu bash remediation for
 sshd_use_approved_macs_ordered_stig

The remediation now uses the bash_sshd_remediation macro and the
sshd_approved_macs variable.
---
 .../sshd_use_approved_macs_ordered_stig/bash/shared.sh      | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/bash/shared.sh
index f6ec5d6f868e..b7aa5097075d 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/bash/shared.sh
@@ -1,6 +1,12 @@
 # platform = Red Hat Enterprise Linux 7,Oracle Linux 7,multi_platform_sle,multi_platform_ubuntu
+
+{{%- if 'ubuntu' in product %}}
+{{{ bash_instantiate_variables('sshd_approved_macs') }}}
+{{{ bash_sshd_remediation(parameter="MACs", value="$sshd_approved_macs", config_is_distributed=sshd_distributed_config) }}}
+{{%- else %}}
 if grep -q -P '^\s*MACs\s+' /etc/ssh/sshd_config; then
   sed -i 's/^\s*MACs.*/MACs hmac-sha2-512,hmac-sha2-256/' /etc/ssh/sshd_config
 else
   echo "MACs hmac-sha2-512,hmac-sha2-256" >> /etc/ssh/sshd_config
 fi
+{{%- endif %}}