Skip to content

Commit

Permalink
Do not disable vfat by default
Browse files Browse the repository at this point in the history 
On UEFI-systems the boot-partition is FAT by default (see [here](https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface/System_partition)).

If we disable vfat, these systems become unbootable. This has already bitten some users using ansible-os-hardening (dev-sec/ansible-collection-hardening#162, dev-sec/ansible-collection-hardening#145).

Therefore I propose we do not check for a disabled vfat filesystem as vfat is often used on newer systems.
  • Loading branch information
@rndmh3ro
rndmh3ro authored Jul 1, 2018
1 parent 2768ba0 commit caab8d9
Showing 1 changed file with 0 additions and 1 deletion.
1 change: 0 additions & 1 deletion controls/os_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,7 +210,6 @@
its(:content) { should match 'install hfsplus /bin/true' }
its(:content) { should match 'install squashfs /bin/true' }
its(:content) { should match 'install udf /bin/true' }
its(:content) { should match 'install vfat /bin/true' }
end
end

Expand Down

0 comments on commit caab8d9

Please sign in to comment.