From bf9a8d327751b64072ac12556e7eec40f7b6d817 Mon Sep 17 00:00:00 2001 From: Thomas H Jones II Date: Wed, 13 Mar 2024 13:59:33 -0400 Subject: [PATCH] Collapse double-management of user.cfg file --- .../el8/STIGbyID/cat1/RHEL-08-010150.sls | 20 +++++++------------ 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/ash-linux/el8/STIGbyID/cat1/RHEL-08-010150.sls b/ash-linux/el8/STIGbyID/cat1/RHEL-08-010150.sls index e0d972482..e1bbdeaa0 100644 --- a/ash-linux/el8/STIGbyID/cat1/RHEL-08-010150.sls +++ b/ash-linux/el8/STIGbyID/cat1/RHEL-08-010150.sls @@ -41,30 +41,24 @@ notify_{{ stig_id }}-skipSet: - stateful: True - cwd: /root {%- else %} -user_cfg_permissions-{{ stig_id }}: +user_cfg_content-{{ stig_id }}: file.managed: - name: '{{ grubPassFile }}' - - user: 'root' - - owner: 'root' + - contents: |- + GRUB2_PASSWORD={{ grubEncryptedPass }} - mode: '000600' + - onchanges_in: + - cmd: regen_grubCfg-{{ stig_id }} - onlyif: - [[ ! -d /sys/firmware/efi/ ]] + - owner: 'root' - replace: false - selinux: serange: 's0' serole: 'object_r' setype: 'boot_t' seuser: 'unconfined_u' - -user_cfg_content-{{ stig_id }}: - file.managed: - - name: '{{ grubPassFile }}' - - contents: |- - GRUB2_PASSWORD={{ grubEncryptedPass }} - - onchanges_in: - - cmd: regen_grubCfg-{{ stig_id }} - - onchanges: - - file: user_cfg_permissions-{{ stig_id }} + - user: 'root' grubuser_superDef-{{ grubUserFile }}-{{ stig_id }}: file.replace: