Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-116287

[RFE] redhat.rhel_system_roles.crypto_policies add option to reapply policy when .pmod file is changed

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • None
    • rhel-system-roles
    • 0
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • All
    • None

      What were you trying to do?

      • Using the crypto_policies role to set policies.
      • When a user modifies a policy in /etc/crypto-policies/policies/modules/CUSTOMPOLICY.pmod, the role does not recognize that the file has changed, and therefore does not reapply the changed policy.

      Impact:

      Changes in the policy do not take effect until the `update-crypto-policies --set DEFAULT:CUSTOMPOLICY` command is run.

      Proposed solution:

      Enhance the redhat.rhel_system_roles.crypto_policies to detect changes in .pmod files and reapply the policy. 

      Package:

      rhel-system-roles-1.108.6-0.1.el9.noarch

      Steps to reproduce

      1. Create a policy in /etc/crypto-policies/policies/modules/CUSTOMPOLICY.pmod
      2. Use redhat.rhel_system_roles.crypto_policies role to apply the policy.
      3. Make a change in /etc/crypto-policies/policies/modules/CUSTOMPOLICY.pmod

              rmeggins@redhat.com Richard Megginson
              rhn-support-swachira@redhat.com Sam Wachira
              Richard Megginson Richard Megginson
              David Jez David Jez
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: