Merge pull request #12715 from mpurg/fix_missing_file_pass

Remove unused parameter missing_file_pass from rules and docs
ComplianceAsCode · Dec 13, 2024 · 0b16615 · 0b16615
2 parents baf5a10 + 377ffdc
commit 0b16615
Show file tree

Hide file tree

Showing 52 changed files with 0 additions and 129 deletions.
diff --git a/applications/openshift/master/file_owner_ovs_conf_db_lock/rule.yml b/applications/openshift/master/file_owner_ovs_conf_db_lock/rule.yml
@@ -35,4 +35,3 @@ template:
     vars:
         filepath: /etc/openvswitch/.conf.db.~lock~
         fileuid: '800'
-        missing_file_pass: "true"
diff --git a/docs/templates/template_reference.md b/docs/templates/template_reference.md
@@ -292,9 +292,6 @@
     -   **filepath_is_regex** - If set to `"true"` the OVAL will
         consider the value of **filepath** as a regular expression.
 
-    -   **missing_file_pass** - If set to `"true"` the OVAL check will
-        pass when file is absent. Default value is `"false"`.
-
     -   **file_regex** - Regular expression that matches file names in
         a directory specified by **filepath**. Can be set only if
         **filepath** parameter specifies a directory. Note: Applies to
@@ -332,9 +329,6 @@ they must be of the same length.
     -   **filepath_is_regex** - If set to `"true"` the OVAL will
         consider the value of **filepath** as a regular expression.
 
-    -   **missing_file_pass** - If set to `"true"` the OVAL check will
-        pass when file is absent. Default value is `"false"`.
-
     -   **file_regex** - Regular expression that matches file names in
         a directory specified by **filepath**. Can be set only if
         **filepath** parameter specifies a directory. Note: Applies to
@@ -369,9 +363,6 @@ they must be of the same length.
     -   **filepath_is_regex** - If set to `"true"` the OVAL will
         consider the value of **filepath** as a regular expression.
 
-    -   **missing_file_pass** - If set to `"true"` the OVAL check will
-        pass when file is absent. Default value is `"false"`.
-
     -   **file_regex** - Regular expression that matches file names in
         a directory specified by **filepath**. Can be set only if
         **filepath** parameter specifies a directory. Note: Applies to

diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml
@@ -36,5 +36,4 @@ template:
     name: file_groupowner
     vars:
         filepath: /etc/at.allow
-        missing_file_pass: 'true'
         gid_or_name: '0'
diff --git a/..._os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml b/..._os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml
@@ -51,7 +51,6 @@ template:
     name: file_groupowner
     vars:
         filepath: /etc/cron.allow
-        missing_file_pass: 'true'
 {{% if "ubuntu" in product %}}
         gid_or_name: 'crontab'
 {{% else %}}

diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml
@@ -37,5 +37,4 @@ template:
     name: file_owner
     vars:
         filepath: /etc/at.allow
-        missing_file_pass: 'true'
         fileuid: '0'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml
@@ -45,5 +45,4 @@ template:
     name: file_owner
     vars:
         filepath: /etc/cron.allow
-        missing_file_pass: 'true'
         fileuid: '0'
diff --git a/...x_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml b/...x_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml
@@ -46,5 +46,4 @@ template:
     name: file_permissions
     vars:
         filepath: /etc/at.allow
-        missing_file_pass: 'true'
         filemode: '{{{ target_perms_octal }}}'
diff --git a/...os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml b/...os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml
@@ -46,5 +46,4 @@ template:
     name: file_permissions
     vars:
         filepath: /etc/cron.allow
-        missing_file_pass: 'true'
         filemode: "{{{ target_perms_octal }}}"
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
@@ -23,4 +23,3 @@ template:
     vars:
         filepath: /etc/hosts.allow
         gid_or_name: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
@@ -23,4 +23,3 @@ template:
     vars:
         filepath: /etc/hosts.deny
         gid_or_name: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
@@ -23,4 +23,3 @@ template:
     vars:
         filepath: /etc/hosts.allow
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
@@ -23,4 +23,3 @@ template:
     vars:
         filepath: /etc/hosts.deny
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml
@@ -23,4 +23,3 @@ template:
     vars:
         filepath: /etc/hosts.allow
         filemode: '0644'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml
@@ -23,4 +23,3 @@ template:
     vars:
         filepath: /etc/hosts.deny
         filemode: '0644'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/rule.yml
@@ -30,4 +30,3 @@ template:
         file_regex:
             - ^.*\.pub$
         gid_or_name: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/rule.yml
@@ -30,4 +30,3 @@ template:
         file_regex:
             - ^.*\.pub$
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
@@ -55,6 +55,5 @@ template:
     name: file_permissions
     vars:
         filepath: /etc/ssh/
-        missing_file_pass: 'true'
         file_regex: ^.*\.pub$
         filemode: '0644'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
@@ -40,4 +40,3 @@ template:
     vars:
         filepath: /etc/issue.net
         gid_or_name: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
@@ -40,4 +40,3 @@ template:
     vars:
         filepath: /etc/motd
         gid_or_name: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
@@ -40,4 +40,3 @@ template:
     vars:
         filepath: /etc/issue.net
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
@@ -40,4 +40,3 @@ template:
     vars:
         filepath: /etc/motd
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
@@ -40,4 +40,3 @@ template:
     vars:
         filepath: /etc/issue.net
         filemode: '0644'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
@@ -40,4 +40,3 @@ template:
     vars:
         filepath: /etc/motd
         filemode: '0644'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/system/permissions/files/file_groupowner_systemmap/rule.yml b/linux_os/guide/system/permissions/files/file_groupowner_systemmap/rule.yml
@@ -32,4 +32,3 @@ template:
         filepath: /boot/
         file_regex: ^.*System\.map.*$
         gid_or_name: root
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/system/permissions/files/file_owner_systemmap/rule.yml b/linux_os/guide/system/permissions/files/file_owner_systemmap/rule.yml
@@ -32,4 +32,3 @@ template:
         filepath: /boot/
         file_regex: ^.*System\.map.*$
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/linux_os/guide/system/permissions/files/file_permissions_systemmap/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_systemmap/rule.yml
@@ -33,4 +33,3 @@ template:
         file_regex: ^.*System\.map.*$
         filemode: '0600'
         allow_stricter_permissions: 'true'
-        missing_file_pass: 'true'
diff --git a/...sions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml b/...sions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml
@@ -44,4 +44,3 @@ template:
     vars:
         filepath: /etc/group-
         gid_or_name: '0'
-        missing_file_pass: 'true'
diff --git a/...ons/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml b/...ons/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml
@@ -55,4 +55,3 @@ template:
         gid_or_name@ubuntu1804: '42'
         gid_or_name@ubuntu2004: '42'
         gid_or_name@ubuntu2204: '42'
-        missing_file_pass: 'true'
diff --git a/...ions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml b/...ions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml
@@ -44,4 +44,3 @@ template:
     vars:
         filepath: /etc/passwd-
         gid_or_name: '0'
-        missing_file_pass: 'true'
diff --git a/...ions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml b/...ions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml
@@ -55,4 +55,3 @@ template:
 {{% else %}}
         gid_or_name: '0'
 {{% endif %}}
-        missing_file_pass: 'true'
diff --git a/...s/files/permissions_important_account_files/file_groupowner_etc_security_opasswd/rule.yml b/...s/files/permissions_important_account_files/file_groupowner_etc_security_opasswd/rule.yml
@@ -24,4 +24,3 @@ template:
     vars:
         filepath: /etc/security/opasswd
         gid_or_name: '0'
-        missing_file_pass: true
diff --git a/...les/permissions_important_account_files/file_groupowner_etc_security_opasswd_old/rule.yml b/...les/permissions_important_account_files/file_groupowner_etc_security_opasswd_old/rule.yml
@@ -24,4 +24,3 @@ template:
     vars:
         filepath: /etc/security/opasswd.old
         gid_or_name: '0'
-        missing_file_pass: true
diff --git a/...ermissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml b/...ermissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml
@@ -44,4 +44,3 @@ template:
     vars:
         filepath: /etc/group-
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/...missions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml b/...missions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml
@@ -44,4 +44,3 @@ template:
     vars:
         filepath: /etc/gshadow-
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/...rmissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml b/...rmissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml
@@ -44,4 +44,3 @@ template:
     vars:
         filepath: /etc/passwd-
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/...rmissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml b/...rmissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml
@@ -44,4 +44,3 @@ template:
     vars:
         filepath: /etc/shadow-
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/...ssions/files/permissions_important_account_files/file_owner_etc_security_opasswd/rule.yml b/...ssions/files/permissions_important_account_files/file_owner_etc_security_opasswd/rule.yml
@@ -24,4 +24,3 @@ template:
     vars:
         filepath: /etc/security/opasswd
         fileuid: '0'
-        missing_file_pass: true
diff --git a/...ns/files/permissions_important_account_files/file_owner_etc_security_opasswd_old/rule.yml b/...ns/files/permissions_important_account_files/file_owner_etc_security_opasswd_old/rule.yml
@@ -24,4 +24,3 @@ template:
     vars:
         filepath: /etc/security/opasswd.old
         fileuid: '0'
-        missing_file_pass: true
diff --git a/...ions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml b/...ions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml
@@ -45,4 +45,3 @@ template:
     vars:
         filepath: /etc/group-
         filemode: '0644'
-        missing_file_pass: 'true'
diff --git a/...ns/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml b/...ns/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml
@@ -58,4 +58,3 @@ template:
         filemode@ubuntu1804: '0640'
         filemode@ubuntu2004: '0640'
         filemode@ubuntu2204: '0640'
-        missing_file_pass: 'true'
diff --git a/...ons/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml b/...ons/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml
@@ -46,4 +46,3 @@ template:
     vars:
         filepath: /etc/passwd-
         filemode: '0644'
-        missing_file_pass: 'true'
diff --git a/...ons/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml b/...ons/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml
@@ -62,4 +62,3 @@ template:
         filemode@ubuntu2204: '0640'
         filemode@sle12: '0640'
         filemode@sle15: '0640'
-        missing_file_pass: 'true'
diff --git a/.../files/permissions_important_account_files/file_permissions_etc_security_opasswd/rule.yml b/.../files/permissions_important_account_files/file_permissions_etc_security_opasswd/rule.yml
@@ -23,4 +23,3 @@ template:
     vars:
         filepath: /etc/security/opasswd
         filemode: '0600'
-        missing_file_pass: true
diff --git a/...es/permissions_important_account_files/file_permissions_etc_security_opasswd_old/rule.yml b/...es/permissions_important_account_files/file_permissions_etc_security_opasswd_old/rule.yml
@@ -23,4 +23,3 @@ template:
     vars:
         filepath: /etc/security/opasswd.old
         filemode: '0600'
-        missing_file_pass: true
diff --git a/...stem/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml b/...stem/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml
@@ -66,5 +66,4 @@ template:
             - /sbin/rsyslogd
             - /sbin/augenrules
         gid_or_name: '0'
-        missing_file_pass: 'true'
 
diff --git a/...ide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml b/...ide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml
@@ -66,4 +66,3 @@ template:
             - /sbin/rsyslogd
             - /sbin/augenrules
         fileuid: '0'
-        missing_file_pass: 'true'
diff --git a/...e/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml b/...e/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml
@@ -58,4 +58,3 @@ template:
             - /sbin/rsyslogd
             - /sbin/augenrules
         filemode: '0755'
-        missing_file_pass: 'true'
diff --git a/shared/templates/file_groupowner/template.py b/shared/templates/file_groupowner/template.py
@@ -5,9 +5,6 @@
 def preprocess(data, lang):
     ensure_file_paths_and_file_regexes_are_correctly_defined(data)
 
-    data["missing_file_pass"] = parse_template_boolean_value(
-        data, parameter="missing_file_pass", default_value=False)
-
     data["recursive"] = parse_template_boolean_value(data,
                                                      parameter="recursive",
                                                      default_value=False)

diff --git a/shared/templates/file_groupowner/tests/missing_file_test.pass.sh b/shared/templates/file_groupowner/tests/missing_file_test.pass.sh
diff --git a/shared/templates/file_owner/template.py b/shared/templates/file_owner/template.py
@@ -5,9 +5,6 @@
 def preprocess(data, lang):
     ensure_file_paths_and_file_regexes_are_correctly_defined(data)
 
-    data["missing_file_pass"] = parse_template_boolean_value(
-        data, parameter="missing_file_pass", default_value=False)
-
     data["recursive"] = parse_template_boolean_value(data,
                                                      parameter="recursive",
                                                      default_value=False)

diff --git a/shared/templates/file_owner/tests/missing_file_test.pass.sh b/shared/templates/file_owner/tests/missing_file_test.pass.sh
diff --git a/shared/templates/file_permissions/template.py b/shared/templates/file_permissions/template.py
@@ -41,8 +41,6 @@ def preprocess(data, lang):
 
     data["allow_stricter_permissions"] = parse_template_boolean_value(data, parameter="allow_stricter_permissions", default_value=True)
 
-    data["missing_file_pass"] = parse_template_boolean_value(data, parameter="missing_file_pass", default_value=False)
-
     data["recursive"] = parse_template_boolean_value(data,
                                                      parameter="recursive",
                                                      default_value=False)