@Mab879
Member

@Mab879 Mab879 commented Oct 20, 2025

Description:

Fix ol in product in rule file_permissions_var_log_audit

Rationale:

Fixes #14017

@Mab879 Mab879 added this to the 0.1.79 milestone Oct 20, 2025
@Mab879 Mab879 added the OVAL label (OVAL update. Related to the systems assessments.) Oct 20, 2025
@Mab879
Member Author

Mab879 commented Oct 20, 2025

FYI @ComplianceAsCode/oracle-maintainers

@mrkanon
Contributor

mrkanon commented Oct 20, 2025

@Mab879 Thank you for submitting this PR and for your attention to these changes. I noticed that we have similar conditionals for the Ansible and Bash remediations; it might be a good idea to update those as well for consistency.

@ggbecker
Member

Doing a similar search I was still able to find these occurrences:

linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml:
  21    <ind:textfilecontent54_state id="state_aide_check_attributes" version="1">
  22:     {{% if 'rhel' not in product and 'ubuntu' not in product and 'ol' not in product and 'fedora' not in product %}}
  23      <ind:subexpression operation="equals">p+i+n+u+g+s+b+acl+selinux+xattrs+sha512</ind:subexpression>

product_properties/10-audit-binaries.yml:
   9      - /sbin/auditd
  10:     {{% if 'rhel' not in product and 'ubuntu' not in product and 'ol' not in product %}}
  11      - /sbin/audispd

shared/macros/01-general.jinja:
  1226  {{%- macro aide_string() -%}}
  1227: {{%- if 'rhel' not in product and 'ubuntu' not in product and 'ol' not in product and product not in ['fedora'] -%}}
  1228  p+i+n+u+g+s+b+acl+selinux+xattrs+sha512

  1244      /usr/sbin/autrace {{{ aide_string() }}}
  1245:     {{% if 'rhel' not in product and 'ol' not in product %}}/usr/sbin/audispd {{{ aide_string() }}}{{% endif %}}
  1246      {{% if 'ol' in families %}}/usr/sbin/rsyslogd {{{ aide_string() }}}{{% endif %}}

Will that potentially cause the same issue?

@mrkanon
Contributor

mrkanon commented Oct 22, 2025

In addition to that, I found these similar conditions:

linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
36-
37:{{% if "ol" not in product %}}
38-template:
--
linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
48-
49:{{% if "ol" not in product %}}
50-platform: mount[home]
--
shared/templates/kernel_module_disabled/oval.template
16-      {{% endif %}}
17:{{% if "ubuntu" not in product and "rhel" not in product and "ol" not in product and product not in ["fedora"] %}}
18-      <criterion test_ref="test_kernmod_{{{ KERNMODULE }}}_modprobeconf" comment="kernel module {{{ KERNMODULE }}} disabled in /etc/modprobe.conf" />

61-
62:{{% if "ubuntu" not in product and "rhel" not in product and "ol" not in product and product not in ["fedora"] %}}
63-  <ind:textfilecontent54_test id="test_kernmod_{{{ KERNMODULE }}}_modprobeconf" version="1" check="all"
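
The manual search carried out in the comments above can be scripted. This is an added example, not code from the PR or from the ComplianceAsCode project: it flags every quoted literal tested against `product` and shows which product ids match a substring test without listing that family. It assumes `product` is a string id and `families` is a list; the product ids and family lists are constructed sample values.

```python
import re

# A quoted literal tested against the product string, e.g.  'ol' not in product.
# "product not in ['fedora']" and "'ol' in families" are deliberately not matched.
LITERAL_IN_PRODUCT = re.compile(
    r"""(['"])(?P<needle>[^'"]+)\1\s+(?P<neg>not\s+)?in\s+product\b""")


def find_substring_tests(path, text):
    """Return (path, line_no, needle, negated) for each literal-in-product test."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in LITERAL_IN_PRODUCT.finditer(line):
            hits.append((path, line_no, m.group("needle"), bool(m.group("neg"))))
    return hits


def collisions(needle, families_by_product):
    """Product ids containing `needle` as a substring without listing it as a family."""
    return sorted(p for p, fams in families_by_product.items()
                  if needle in p and needle not in fams)


# Conditionals copied from the search results quoted in the thread. Line numbers
# reported for them are relative to these snippets, not to the repository files.
SAMPLES = {
    "shared/macros/01-general.jinja":
        "{{% if 'rhel' not in product and 'ol' not in product %}}"
        "/usr/sbin/audispd {{{ aide_string() }}}{{% endif %}}\n"
        "{{% if 'ol' in families %}}/usr/sbin/rsyslogd {{{ aide_string() }}}{{% endif %}}\n",
    "linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml":
        '{{% if "ol" not in product %}}\ntemplate:\n',
}

# Constructed sample data (assumption): product id -> families list.
FAMILIES = {"ol8": ["ol"], "rhel9": ["rhel"], "solaris11": ["solaris"]}

if __name__ == "__main__":
    for path, text in SAMPLES.items():
        for hit in find_substring_tests(path, text):
            print(hit)
    print("substring-only matches for 'ol':", collisions("ol", FAMILIES))
```
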

@Mab879 Mab879 changed the title from "Fix ol in product in rule file_permissions_var_log_audit" to "fix: ol in product to ol in families" Oct 23, 2025
@Mab879 Mab879 added the bugfix label (Fixes to reported bugs.) and removed the OVAL label (OVAL update. Related to the systems assessments.) Oct 23, 2025
@openshift-ci

openshift-ci bot commented Oct 23, 2025

@Mab879: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

| Test name | Commit | Details | Required | Rerun command |
| --- | --- | --- | --- | --- |
| ci/prow/e2e-aws-openshift-node-compliance | 7122db0 | link | true | /test e2e-aws-openshift-node-compliance |

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@mrkanon mrkanon merged commit de007b3 into ComplianceAsCode:master Oct 27, 2025
137 of 140 checks passed
@Mab879 Mab879 deleted the fix_14017 branch October 30, 2025 01:45
Development

Successfully merging this pull request may close these issues.

Missing OVAL component: test_file_permissions_default_audit_log
