Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Additional updates in kernel_module_disabled template #12160

Merged
merged 2 commits into from
Jul 19, 2024
Merged

Additional updates in kernel_module_disabled template #12160

merged 2 commits into from
Jul 19, 2024

Conversation

alanmcanonical
Copy link
Contributor

Description:

Rationale:

  • Replace remaining occurrences of /bin/true in ocil template

@openshift-ci openshift-ci bot added the needs-ok-to-test Used by openshift-ci bot. label Jul 16, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jul 16, 2024

Hi @alanmcanonical. Thanks for your PR.

I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 16, 2024
edited
Loading

Start a new ephemeral environment with changes proposed in this pull request:

rhel8 (from CTF) Environment (using Fedora as testing environment)
Open in Gitpod

Fedora Testing Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@github-actions GitHub Actions
Copy link

This datastream diff is auto generated by the check Compare DS/Generate Diff

Click here to see the full diff 
New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_atm_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_atm_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_atm_disabled
@@ -9,7 +9,7 @@
 
 To configure the system to prevent the atm
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/atm.conf:
-install atm /bin/true
+install atm /bin/false
 
 To configure the system to prevent the atm from being used,
 add the following line to file /etc/modprobe.d/atm.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_atm_disabled' differs.
--- ocil:ssg-kernel_module_atm_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_atm_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the atm kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the atm kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_can_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_can_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_can_disabled
@@ -9,7 +9,7 @@
 
 To configure the system to prevent the can
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/can.conf:
-install can /bin/true
+install can /bin/false
 
 To configure the system to prevent the can from being used,
 add the following line to file /etc/modprobe.d/can.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_can_disabled' differs.
--- ocil:ssg-kernel_module_can_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_can_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the can kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the can kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_dccp_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_dccp_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_dccp_disabled
@@ -9,7 +9,7 @@
 
 To configure the system to prevent the dccp
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/dccp.conf:
-install dccp /bin/true
+install dccp /bin/false
 
 To configure the system to prevent the dccp from being used,
 add the following line to file /etc/modprobe.d/dccp.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_dccp_disabled' differs.
--- ocil:ssg-kernel_module_dccp_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_dccp_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the dccp kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the dccp kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_firewire-core_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_firewire-core_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_firewire-core_disabled
@@ -8,7 +8,7 @@
 
 To configure the system to prevent the firewire-core
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/firewire-core.conf:
-install firewire-core /bin/true
+install firewire-core /bin/false
 
 To configure the system to prevent the firewire-core from being used,
 add the following line to file /etc/modprobe.d/firewire-core.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_firewire-core_disabled' differs.
--- ocil:ssg-kernel_module_firewire-core_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_firewire-core_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the firewire-core kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the firewire-core kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_rds_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_rds_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_rds_disabled
@@ -9,7 +9,7 @@
 
 To configure the system to prevent the rds
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/rds.conf:
-install rds /bin/true
+install rds /bin/false
 
 To configure the system to prevent the rds from being used,
 add the following line to file /etc/modprobe.d/rds.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_rds_disabled' differs.
--- ocil:ssg-kernel_module_rds_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_rds_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the rds kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the rds kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_sctp_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_sctp_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_sctp_disabled
@@ -10,7 +10,7 @@
 
 To configure the system to prevent the sctp
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/sctp.conf:
-install sctp /bin/true
+install sctp /bin/false
 
 To configure the system to prevent the sctp from being used,
 add the following line to file /etc/modprobe.d/sctp.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_sctp_disabled' differs.
--- ocil:ssg-kernel_module_sctp_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_sctp_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the sctp kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the sctp kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_tipc_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_tipc_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_tipc_disabled
@@ -9,7 +9,7 @@
 
 To configure the system to prevent the tipc
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/tipc.conf:
-install tipc /bin/true
+install tipc /bin/false
 
 To configure the system to prevent the tipc from being used,
 add the following line to file /etc/modprobe.d/tipc.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_tipc_disabled' differs.
--- ocil:ssg-kernel_module_tipc_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_tipc_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the tipc kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the tipc kernel module via blacklist keyword.
 

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_bluetooth_disabled' differs.
--- ocil:ssg-kernel_module_bluetooth_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_bluetooth_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the bluetooth kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the bluetooth kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_cfg80211_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_cfg80211_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_cfg80211_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the cfg80211
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/cfg80211.conf:
-install cfg80211 /bin/true
+install cfg80211 /bin/false
 
 To configure the system to prevent the cfg80211 from being used,
 add the following line to file /etc/modprobe.d/cfg80211.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_cfg80211_disabled' differs.
--- ocil:ssg-kernel_module_cfg80211_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_cfg80211_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the cfg80211 kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the cfg80211 kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_iwlmvm_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_iwlmvm_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_iwlmvm_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the iwlmvm
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/iwlmvm.conf:
-install iwlmvm /bin/true
+install iwlmvm /bin/false
 
 To configure the system to prevent the iwlmvm from being used,
 add the following line to file /etc/modprobe.d/iwlmvm.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_iwlmvm_disabled' differs.
--- ocil:ssg-kernel_module_iwlmvm_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_iwlmvm_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the iwlmvm kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the iwlmvm kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_iwlwifi_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_iwlwifi_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_iwlwifi_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the iwlwifi
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/iwlwifi.conf:
-install iwlwifi /bin/true
+install iwlwifi /bin/false
 
 To configure the system to prevent the iwlwifi from being used,
 add the following line to file /etc/modprobe.d/iwlwifi.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_iwlwifi_disabled' differs.
--- ocil:ssg-kernel_module_iwlwifi_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_iwlwifi_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the iwlwifi kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the iwlwifi kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_mac80211_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_mac80211_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_mac80211_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the mac80211
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/mac80211.conf:
-install mac80211 /bin/true
+install mac80211 /bin/false
 
 To configure the system to prevent the mac80211 from being used,
 add the following line to file /etc/modprobe.d/mac80211.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_mac80211_disabled' differs.
--- ocil:ssg-kernel_module_mac80211_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_mac80211_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the mac80211 kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the mac80211 kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_cramfs_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_cramfs_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_cramfs_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the cramfs
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/cramfs.conf:
-install cramfs /bin/true
+install cramfs /bin/false
 
 To configure the system to prevent the cramfs from being used,
 add the following line to file /etc/modprobe.d/cramfs.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_cramfs_disabled' differs.
--- ocil:ssg-kernel_module_cramfs_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_cramfs_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the cramfs kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the cramfs kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_freevxfs_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_freevxfs_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_freevxfs_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the freevxfs
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/freevxfs.conf:
-install freevxfs /bin/true
+install freevxfs /bin/false
 
 To configure the system to prevent the freevxfs from being used,
 add the following line to file /etc/modprobe.d/freevxfs.conf:

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_hfs_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_hfs_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_hfs_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the hfs
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/hfs.conf:
-install hfs /bin/true
+install hfs /bin/false
 
 To configure the system to prevent the hfs from being used,
 add the following line to file /etc/modprobe.d/hfs.conf:

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_hfsplus_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_hfsplus_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_hfsplus_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the hfsplus
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/hfsplus.conf:
-install hfsplus /bin/true
+install hfsplus /bin/false
 
 To configure the system to prevent the hfsplus from being used,
 add the following line to file /etc/modprobe.d/hfsplus.conf:

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_jffs2_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_jffs2_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_jffs2_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the jffs2
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/jffs2.conf:
-install jffs2 /bin/true
+install jffs2 /bin/false
 
 To configure the system to prevent the jffs2 from being used,
 add the following line to file /etc/modprobe.d/jffs2.conf:

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_squashfs_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_squashfs_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_squashfs_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the squashfs
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/squashfs.conf:
-install squashfs /bin/true
+install squashfs /bin/false
 
 To configure the system to prevent the squashfs from being used,
 add the following line to file /etc/modprobe.d/squashfs.conf:

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_udf_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_udf_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_udf_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the udf
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/udf.conf:
-install udf /bin/true
+install udf /bin/false
 
 To configure the system to prevent the udf from being used,
 add the following line to file /etc/modprobe.d/udf.conf:

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_usb-storage_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_usb-storage_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_usb-storage_disabled
@@ -8,7 +8,7 @@
 
 To configure the system to prevent the usb-storage
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/usb-storage.conf:
-install usb-storage /bin/true
+install usb-storage /bin/false
 
 To configure the system to prevent the usb-storage from being used,
 add the following line to file /etc/modprobe.d/usb-storage.conf:

OCIL for rule 'xccdf_org.ssgproject.content_rule_kernel_module_usb-storage_disabled' differs.
--- ocil:ssg-kernel_module_usb-storage_disabled_ocil:questionnaire:1
+++ ocil:ssg-kernel_module_usb-storage_disabled_ocil:questionnaire:1
@@ -1,7 +1,7 @@
 
 If the system is configured to prevent the loading of the usb-storage kernel module,
 it will contain lines inside any file in /etc/modprobe.d or the deprecated /etc/modprobe.conf.
-These lines instruct the module loading system to run another program (such as /bin/true) upon a module install event.
+These lines instruct the module loading system to run another program (such as /bin/false) upon a module install event.
 
 These lines can also instruct the module loading system to ignore the usb-storage kernel module via blacklist keyword.
 

New content has different text for rule 'xccdf_org.ssgproject.content_rule_kernel_module_vfat_disabled'.
--- xccdf_org.ssgproject.content_rule_kernel_module_vfat_disabled
+++ xccdf_org.ssgproject.content_rule_kernel_module_vfat_disabled
@@ -5,7 +5,7 @@
 [description]:
 To configure the system to prevent the vfat
 kernel module from being loaded, add the following line to the file /etc/modprobe.d/vfat.conf:
-install vfat /bin/true
+install vfat /bin/false
 
 To configure the system to prevent the vfat from being used,
 add the following line to file /etc/modprobe.d/vfat.conf:

@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 16, 2024
edited
Loading

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:12160
This image was built from commit: 6808ad1

Click here to see how to deploy it

If you alread have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:12160

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:12160 make deploy-local

@jan-cerny jan-cerny added this to the 0.1.74 milestone Jul 16, 2024
@jan-cerny jan-cerny self-assigned this Jul 16, 2024
@jan-cerny
Copy link
Collaborator

/packit build

jan-cerny
jan-cerny approved these changes Jul 17, 2024
View reviewed changes
Copy link
Collaborator

@jan-cerny jan-cerny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The CI fails are probably caused by the containerized nature of the CI environment. They can't be caused by the contents of this PR because this PR changes only prose.

@jan-cerny
Copy link
Collaborator

@alanmcanonical Can you please rebase this PR on the latest upstream master branch? That hopefully will solve the failing required check "testing-farm:centos-stream-9-x86_64:/static-checks".

@marcusburghardt marcusburghardt added the Documentation Update in project documentation. label Jul 19, 2024
@codeclimate CodeClimate
Copy link

codeclimate bot commented Jul 19, 2024

Code Climate has analyzed commit 6808ad1 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.4% (0.0% change).

View more on Code Climate.

@jan-cerny jan-cerny merged commit 0671459 into ComplianceAsCode:master Jul 19, 2024
85 of 90 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jan-cerny jan-cerny jan-cerny approved these changes

Assignees

@jan-cerny jan-cerny

Labels
Documentation Update in project documentation. needs-ok-to-test Used by openshift-ci bot.
Projects
None yet
Milestone
0.1.74
Development

Successfully merging this pull request may close these issues.
3 participants
@alanmcanonical @jan-cerny @marcusburghardt