Addressing issue simp#129

Removed 'grub_superuser' as an input. The STIG guidance is clear that this is the only allowable account so there is no reason to allow it to be tailored. Updated V-71961 to remove reference to the 'grub_superuser' input and hardcode "grub_superuser = 'root'". Signed-off-by: Lesley Kimmel <lesley.j.kimmel@users.noreply.github.com>
ljkimmel · Mar 25, 2020 · 43dbe1f · 43dbe1f
1 parent 963595d
commit 43dbe1f
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 10 deletions.
diff --git a/controls/V-71961.rb b/controls/V-71961.rb
@@ -1,10 +1,5 @@
 # encoding: utf-8
 #
-grub_superuser = input(
-  'grub_superuser',
-  description: 'superusers for grub boot ( array )',
-  value: ['root']
-)
 grub_user_boot_files = input(
  'grub_user_boot_files',
  description: 'grub boot config files',
@@ -76,6 +71,7 @@
   tag "fix_id": "F-78313r2_fix"
 
   grub_main_content = file(grub_main_cfg).content
+  grub_superuser = 'root'
 
   # Check if any additional superusers are set
   pattern = %r{\s*set superusers=\"(\w+)\"}i

diff --git a/inspec.yml b/inspec.yml
@@ -284,11 +284,6 @@ inputs:
   type: String
   value: '/boot/grub2/grub.cfg'
 
-- name: grub_superuser
-  description: superusers for grub boot
-  type: Array
-  value: ['root']
-
 - name: grub_user_boot_files
   description: Grub boot config files
   type: Array