Merge pull request #11353 from vojtapolasek/remove_obsolete_packages_from_pcidss_stabilizaton

[Stabilization] handle rules trying to remove no longer existing packages

Author: Mab879

linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml

@@ -49,3 +49,9 @@ template:
     name: package_removed
     vars:
         pkgname: xinetd
+
+{{% if product in ["rhel9"] %}}
+warnings:
+    - general:
+        The package is not available in {{{ full_name }}}.
+{{% endif %}}

linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml

@@ -43,3 +43,9 @@ template:
     name: package_removed
     vars:
         pkgname: ypbind
+
+{{% if product in ["rhel9"] %}}
+warnings:
+    - general:
+        The package is not available in {{{ full_name }}}.
+{{% endif %}}

linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml

@@ -52,3 +52,9 @@ template:
     name: package_removed
     vars:
         pkgname: ypserv
+
+{{% if product in ["rhel9"] %}}
+warnings:
+    - general:
+        The package is not available in {{{ full_name }}}.
+{{% endif %}}

linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml

@@ -50,3 +50,9 @@ template:
     name: package_removed
     vars:
         pkgname: rsh-server
+
+{{% if product in ["rhel8", "rhel9"] %}}
+warnings:
+    - general:
+        The package is not available in {{{ full_name }}}.
+{{% endif %}}

linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml

@@ -61,3 +61,9 @@ template:
         pkgname@ubuntu1804: rsh-client
         pkgname@ubuntu2004: rsh-client
         pkgname@ubuntu2204: rsh-client
+
+{{% if product in ["rhel8", "rhel9"] %}}
+warnings:
+    - general:
+        The package is not available in {{{ full_name }}}.
+{{% endif %}}

linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml

@@ -33,3 +33,9 @@ template:
     name: package_removed
     vars:
         pkgname: talk-server
+
+{{% if product in ["rhel8", "rhel9"] %}}
+warnings:
+    - general:
+        The package is not available in {{{ full_name }}}.
+{{% endif %}}

linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml

@@ -43,3 +43,9 @@ template:
     name: package_removed
     vars:
         pkgname: talk
+
+{{% if product in ["rhel8", "rhel9"] %}}
+warnings:
+    - general:
+        The package is not available in {{{ full_name }}}.
+{{% endif %}}

products/rhel8/profiles/pci-dss.profile

@@ -34,3 +34,7 @@ selections:
     - '!set_loopback_traffic'
     - '!service_ntpd_enabled'
     - '!timer_logrotate_enabled'
+    - '!package_talk_removed'
+    - '!package_talk-server_removed'
+    - '!package_rsh_removed'
+    - '!package_rsh-server_removed'

products/rhel9/profiles/pci-dss.profile

@@ -36,3 +36,10 @@ selections:
     - '!set_ipv6_loopback_traffic'
     - '!set_loopback_traffic'
     - '!service_ntpd_enabled'
+    - '!package_ypserv_removed'
+    - '!package_ypbind_removed'
+    - '!package_talk_removed'
+    - '!package_talk-server_removed'
+    - '!package_xinetd_removed'
+    - '!package_rsh_removed'
+    - '!package_rsh-server_removed'

tests/data/profile_stability/rhel8/pci-dss.profile

@@ -65,7 +65,6 @@ selections:
 - file_owner_etc_shadow
 - accounts_passwords_pam_faillock_deny
 - accounts_password_all_shadowed
-- package_talk-server_removed
 - accounts_root_gid_zero
 - selinux_state
 - audit_rules_time_clock_settime
@@ -85,7 +84,6 @@ selections:
 - network_sniffer_disabled
 - audit_rules_session_events
 - package_dhcp_removed
-- package_rsh_removed
 - file_owner_cron_d
 - sshd_set_idle_timeout
 - file_groupowner_cron_weekly
@@ -213,7 +211,6 @@ selections:
 - auditd_data_retention_space_left_action
 - rsyslog_files_permissions
 - file_owner_cron_monthly
-- package_talk_removed
 - file_permissions_cron_daily
 - selinux_confinement_of_daemons
 - sysctl_net_ipv4_conf_all_send_redirects
@@ -245,7 +242,6 @@ selections:
 - rpm_verify_hashes
 - file_owner_cron_allow
 - file_permissions_sshd_pub_key
-- package_rsh-server_removed
 - dconf_gnome_disable_automount
 - gid_passwd_group_same
 - package_xinetd_removed