Move platform to group.yml

The platform expression "not container and not bootc" is common for all rules in the "disk_partitioning" group.
jan-cerny · Nov 4, 2024 · b785ae3 · b785ae3
1 parent d6161ef
commit b785ae3
Show file tree

Hide file tree

Showing 14 changed files with 2 additions and 13 deletions.
diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
@@ -101,7 +101,6 @@ ocil: |-
     The boot partition and pseudo-file systems, such as /proc, /sys, and tmpfs,
     are not required to use disk encryption and are not a finding.
 
-platform: not container and not bootc
 
 fixtext: |-
     Configure {{{ full_name }}} to prevent unauthorized modification of all information at rest by using disk encryption.

diff --git a/linux_os/guide/system/software/disk_partitioning/group.yml b/linux_os/guide/system/software/disk_partitioning/group.yml
@@ -25,3 +25,5 @@ description: |-
     scheme was used, it is possible but nontrivial to
     modify it to create separate logical volumes for the directories
     listed above. The Logical Volume Manager (LVM) makes this possible.
+
+platform: not container and not bootc
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml
@@ -16,7 +16,6 @@ rationale: |-
 
 severity: medium
 
-platform: not container and not bootc
 
 identifiers:
     cce@rhel8: CCE-83336-8

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_dev_shm/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_dev_shm/rule.yml
@@ -35,7 +35,6 @@ references:
 
 fixtext: '{{{ fixtext_separate_partition(part="/dev/shm") }}}'
 
-platform: not container and not bootc
 
 warnings:
 - general: |-

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
@@ -52,7 +52,6 @@ fixtext: |-
 
 srg_requirement: 'A separate {{{ full_name }}} filesystem must be used for user home directories (such as /home or an equivalent).'
 
-platform: not container and not bootc
 
 template:
     name: mount

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml
@@ -15,7 +15,6 @@ rationale: |-
 
 severity: medium
 
-platform: not container and not bootc
 
 identifiers:
     cce@rhel8: CCE-83340-0

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_srv/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_srv/rule.yml
@@ -17,7 +17,6 @@ rationale: |-
 
 severity: unknown
 
-platform: not container and not bootc
 
 
 identifiers:

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
@@ -45,7 +45,6 @@ fixtext: '{{{ fixtext_separate_partition(part="/tmp") }}}'
 
 srg_requirement: '{{{ srg_requirement_separate_partition("/tmp") }}}'
 
-platform: not container and not bootc
 
 template:
     name: mount

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml
@@ -14,7 +14,6 @@ rationale: |-
 
 severity: medium
 
-platform: not container and not bootc
 
 identifiers:
     cce@rhel8: CCE-83343-4

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
@@ -50,7 +50,6 @@ fixtext: '{{{ fixtext_separate_partition(part="/var") }}}'
 
 srg_requirement: '{{{ srg_requirement_separate_partition("/var") }}}'
 
-platform: not container and not bootc
 
 template:
     name: mount

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
@@ -46,7 +46,6 @@ fixtext: '{{{ fixtext_separate_partition(part="/var/log") }}}'
 
 srg_requirement: '{{{ srg_requirement_separate_partition("/var/log") }}}'
 
-platform: not container and not bootc
 
 # (jhrozek): at the moment, the mount probe checks the /proc filesystem
 # even if openscap looks at a chroot, which doesn't allow to check for

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
@@ -58,7 +58,6 @@ fixtext: |-
 srg_requirement: |-
     {{{ full_name }}} must use a separate file system for the system audit data path.
 
-platform: not container and not bootc
 
 # (jhrozek): at the moment, the mount probe checks the /proc filesystem
 # even if openscap looks at a chroot, which doesn't allow to check for

diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
@@ -40,7 +40,6 @@ fixtext: '{{{ fixtext_separate_partition(part="/var/tmp") }}}'
 
 srg_requirement: '{{{ srg_requirement_separate_partition("/var/tmp") }}}'
 
-platform: not container and not bootc
 
 template:
     name: mount

diff --git a/linux_os/guide/system/software/disk_partitioning/systemd_tmp_mount_enabled/rule.yml b/linux_os/guide/system/software/disk_partitioning/systemd_tmp_mount_enabled/rule.yml
@@ -26,7 +26,6 @@ ocil: |-
 
 ocil_clause: "the tmp.mount unit is masked or disabled"
 
-platform: not container and not bootc
 
 template:
     name: systemd_mount_enabled
Original file line number	Diff line number	Diff line change
Expand Up		@@ -17,7 +17,6 @@ rationale: \|-

		severity: unknown

		platform: not container and not bootc


		identifiers:
Expand Down