Fix use of legacy facts

Fixes #161
simp · Nov 26, 2024 · cb9ef42 · cb9ef42
1 parent a90181b
commit cb9ef42
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 10 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,3 +1,6 @@
+* Mon Nov 25 2024 Steven Pritchard <steve@sicura-us> - 7.3.1
+- Fix use of legacy facts
+
 * Mon Nov 04 2024 Mike Riddle <mike@sicura.us> - 7.3.0
 - "root_unlock_time" will no longer be included in faillock.conf if "even_deny_root" is set to false
 - Added nullok back as a parameter for completeness, however, users are warned not to use it unless

diff --git a/SIMP/compliance_profiles/checks.yaml b/SIMP/compliance_profiles/checks.yaml
@@ -422,7 +422,7 @@ checks:
       nist_800_53:rev4:
       - AC-7:b
     confine:
-      osfamily: RedHat
+      os.family: RedHat
   oval:com.puppet.forge.simp.pam.cracklib_maxrepeat:
     settings:
       parameter: pam::cracklib_maxrepeat
@@ -439,7 +439,7 @@ checks:
       - SRG-OS-000072-GPOS-00040
       - CCI-000195
     confine:
-      osfamily: RedHat
+      os.family: RedHat
   oval:com.puppet.forge.simp.pam.even_deny_root:
     settings:
       parameter: pam::even_deny_root
@@ -458,8 +458,8 @@ checks:
       - SRG-OS-000021-GPOS-00005
       - CCI-002238
     confine:
-      osfamily: RedHat
-      operatingsystemmajrelease: '7'
+      os.family: RedHat
+      os.release.major: '7'
   oval:com.puppet.forge.simp.pam.hash_algorithm:
     settings:
       parameter: pam::hash_algorithm
@@ -476,8 +476,8 @@ checks:
       - SRG-OS-000073-GPOS-00041
       - CCI-000196
     confine:
-      osfamily: RedHat
-      operatingsystemmajrelease: '7'
+      os.family: RedHat
+      os.release.major: '7'
   oval:com.puppet.forge.simp.pam.unlock_time:
     settings:
       parameter: pam::unlock_time
@@ -494,8 +494,8 @@ checks:
       - SRG-OS-000329-GPOS-00128
       - CCI-002238
     confine:
-      osfamily: RedHat
-      operatingsystemmajrelease: '7'
+      os.family: RedHat
+      os.release.major: '7'
     oval-ids:
     - xccdf_org:ssgproject:content_rule_accounts_passwords_pam_faillock_unlock_time
     - accounts_passwords_pam_faillock_unlock_time
diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "simp-pam",
-  "version": "7.3.0",
+  "version": "7.3.1",
   "author": "SIMP Team",
   "summary": "A SIMP puppet module for managing pam",
   "license": "Apache-2.0",

diff --git a/spec/acceptance/suites/default/00_default_spec.rb b/spec/acceptance/suites/default/00_default_spec.rb
@@ -20,7 +20,7 @@
           apply_manifest_on(host, manifest, {:catch_changes => true})
         end
 
-        os_major = fact_on(host, 'operatingsystemmajrelease')
+        os_major = fact_on(host, 'os.release.major')
 
         # Total hack to support Amazon without a bunch of logic
         if ['7','2'].include?(os_major)