Merge pull request ComplianceAsCode#1581 from redhatrises/fix_rhel6_k…

…ickstarts [bugfix][RHEL/6] Fix kickstarts to use distribution content
alanmcanonical · Nov 30, 2016 · fc80c9f · fc80c9f
2 parents 04c85cc + 4c6d5f2
commit fc80c9f
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 75 deletions.
diff --git a/RHEL/6/kickstart/ssg-rhel6-pci-dss-with-gui-ks.cfg b/RHEL/6/kickstart/ssg-rhel6-pci-dss-with-gui-ks.cfg
@@ -159,42 +159,19 @@ aide
 # Install openscap-utils so it's possible to perform remediation once the
 # installation is complete
 openscap-scanner
+scap-security-guide
 
 %end # End of %packages section
 
 %post --log /root/oscap.log
 
-SSG_GIT_CONTENT="/root/scap-security-guide"
-OSCAP_GIT_CONTENT="/root/oscap"
-SSG_GIT_RHEL6="$SSG_GIT_CONTENT/RHEL/6"
-SSG_GIT_URI="https://github.com/OpenSCAP/scap-security-guide.git"
-SSG_SHARE_DIR="/usr/share/scap-security-guide"
-
-# Retrieve the most recent SCAP Security Guide repository content & build
-# the RHEL-6 benchmark.
-#
-# NOTE: Pointing to upstream SCAP Security Guide repository. Downstream/stable editions
-#       (e.g. those to ship natively with Red Hat Enterprise Linux 6) will be updated to
-#       point to natively included scap-security-guide RPM package.
-
-git clone $SSG_GIT_URI $SSG_GIT_CONTENT
-cd $SSG_GIT_RHEL6
-make
-
-# Copy the remediation functions library to the system too
-mkdir -p $SSG_SHARE_DIR
-cp -a $SSG_GIT_CONTENT/shared/remediations/bash/templates/remediation_functions $SSG_SHARE_DIR/remediation_functions
-
 # Perform post installation system remediation according to the PCI DSS profile
 # for Red Hat Enterprise Linux 6 Server via the oscap tool To create a system
 # compliant against different RHEL-6 SCAP Security Guide profile specify
 # selected profile name after the --profile oscap tool option
 
 oscap xccdf eval --remediate --profile pci-dss --report /root/oscap_pci-dss_remediation_report.html \
-"$SSG_GIT_RHEL6/output/ssg-rhel6-xccdf.xml"
-
-# Delete the retrieved GIT content
-rm -rf $SSG_GIT_CONTENT
+/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
 
 %end # End of %post section
 

diff --git a/RHEL/6/kickstart/ssg-rhel6-stig-ks.cfg b/RHEL/6/kickstart/ssg-rhel6-stig-ks.cfg
@@ -363,41 +363,18 @@ aide
 # Install openscap-utils so it's possible to perform remediation once the
 # installation is complete
 openscap-utils
+scap-security-guide
 
 %end # End of %packages section
 
 %post --log /root/oscap.log
-
-SSG_GIT_CONTENT="/root/scap-security-guide"
-SSG_GIT_RHEL6="$SSG_GIT_CONTENT/RHEL/6"
-SSG_GIT_URI="https://github.com/OpenSCAP/scap-security-guide.git"
-SSG_SHARE_DIR="/usr/share/scap-security-guide"
-
-# Retrieve the most recent SCAP Security Guide repository content & build
-# the RHEL-6 benchmark.
-
-# NOTE: Pointing to upstream SCAP Security Guide repository. Downstream/stable editions
-#       (e.g. those to ship natively with Red Hat Enterprise Linux 6) will be updated to
-#       point to natively included scap-security-guide RPM package.
-
-git clone $SSG_GIT_URI $SSG_GIT_CONTENT
-cd $SSG_GIT_RHEL6
-make
-
-# Copy the remediation functions library to the system too
-mkdir -p $SSG_SHARE_DIR
-cp -a $SSG_GIT_CONTENT/shared/remediations/bash/templates/remediation_functions $SSG_SHARE_DIR/remediation_functions
-
 # Perform post installation system remediation according to the DoD STIG profile
 # for Red Hat Enterprise Linux 6 Server via the oscap tool
 # To create a system compliant against different RHEL-6 SCAP Security Guide profile specify selected
 # profile name after the --profile oscap tool option
 
 oscap xccdf eval --remediate --profile stig-rhel6-server-upstream --report /root/oscap_stig_remediation_report.html \
-"$SSG_GIT_RHEL6/output/ssg-rhel6-xccdf.xml"
-
-# Delete the retrieved GIT content
-rm -rf $SSG_GIT_CONTENT
+/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
 
 %end # End of %post section
 

diff --git a/RHEL/6/kickstart/ssg-rhel6-usgcb-server-with-gui-ks.cfg b/RHEL/6/kickstart/ssg-rhel6-usgcb-server-with-gui-ks.cfg
@@ -153,40 +153,17 @@ aide
 # Install openscap-utils so it's possible to perform remediation once the
 # installation is complete
 openscap-utils
+scap-security-guide
 
 %end # End of %packages section
 
 %post --log /root/oscap.log
-
-SSG_GIT_CONTENT="/root/scap-security-guide"
-SSG_GIT_RHEL6="$SSG_GIT_CONTENT/RHEL/6"
-SSG_GIT_URI="https://github.com/OpenSCAP/scap-security-guide.git"
-SSG_SHARE_DIR="/usr/share/scap-security-guide"
-
-# Retrieve the most recent SCAP Security Guide repository content & build
-# the RHEL-6 benchmark.
-
-# NOTE: Pointing to upstream SCAP Security Guide repository. Downstream/stable editions
-#       (e.g. those to ship natively with Red Hat Enterprise Linux 6) will be updated to
-#       point to natively included scap-security-guide RPM package.
-
-git clone $SSG_GIT_URI $SSG_GIT_CONTENT
-cd $SSG_GIT_RHEL6
-make
-
-# Copy the remediation functions library to the system too
-mkdir -p $SSG_SHARE_DIR
-cp -a $SSG_GIT_CONTENT/shared/remediations/bash/templates/remediation_functions $SSG_SHARE_DIR/remediation_functions
-
 # Perform post installation system remediation according to the USGCB profile via the oscap tool
 # To create a system compliant against different RHEL-6 SCAP Security Guide profile specify selected
 # profile name after the --profile oscap tool option
 
 oscap xccdf eval --remediate --profile usgcb-rhel6-server --report /root/oscap_usgcb_remediation_report.html \
-"$SSG_GIT_RHEL6/output/ssg-rhel6-xccdf.xml"
-
-# Delete the retrieved GIT content
-rm -rf $SSG_GIT_CONTENT
+/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
 
 %end # End of %post section