class ManageIQ::ApplianceConsole::Scap

Constants

RULES_DIR

Public Class Methods

new(rules_dir = RULES_DIR) click to toggle source
# File lib/manageiq/appliance_console/scap.rb, line 8
def initialize(rules_dir = RULES_DIR)
  @rules_dir = rules_dir
end

Public Instance Methods

lockdown() click to toggle source
# File lib/manageiq/appliance_console/scap.rb, line 12
def lockdown
  if packages_installed? && config_exists?
    say("Locking down the appliance for SCAP...")
    require 'yaml'
    scap_config = YAML.load_file(yaml_filename)
    begin
      LinuxAdmin::Scap.new("rhel8").lockdown(*scap_config['rules'], scap_config['values'])
    rescue => e
      say("Configuration failed: #{e.message}")
    else
      say("Complete")
    end
  end
end

Private Instance Methods

config_exists?() click to toggle source
# File lib/manageiq/appliance_console/scap.rb, line 45
def config_exists?
  if File.exist?(yaml_filename)
    true
  else
    say("SCAP rules configuration file missing")
    false
  end
end
packages_installed?() click to toggle source
# File lib/manageiq/appliance_console/scap.rb, line 33
def packages_installed?
  if !LinuxAdmin::Scap.openscap_available?
    say("OpenSCAP has not been installed")
    false
  elsif !LinuxAdmin::Scap.ssg_available?("rhel8")
    say("SCAP Security Guide has not been installed")
    false
  else
    true
  end
end
yaml_filename() click to toggle source
# File lib/manageiq/appliance_console/scap.rb, line 29
def yaml_filename
  File.expand_path("scap_rules.yml", @rules_dir)
end