#
# spec file for package stig-hardening
#
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
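# Package identity and metadata.
Name: stig-hardening
Summary: Apply STIG Hardening
License: GPL-3.0-or-later
Group: Development/Tools/Other
Version: 1
Release: 0
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# Build time only: the install section copies the STIG sample rule set that
# the audit package ships.
BuildRequires: audit
# Run time: the rule file is placed in /etc/audit/rules.d/ and the post
# scriptlet enables auditd.service, so audit has to be present on the target
# system and not only in the build environment.
Requires: audit
# The post scriptlet manages the auditd unit through systemd.
Requires(post): systemd
# required by STIG
Requires: aide
# FIPS 140-2 required by STIG
# NOTE(review): this dependency only installs the FIPS pattern; nothing in this
# spec switches the system into FIPS mode.
Requires: patterns-base-fips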
%description
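This package applies DISA STIG hardening to your system.
In its current state it only installs the audit STIG sample rules and tries
to enable auditd; installing it does not by itself make a system compliant.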
This does not supply "pre installation" steps.
This does not supply "ongoing check" steps.
This does not configure components like aide.
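%prep
# Nothing to unpack: the package has no source archive.
%build
# Nothing to compile.
%install
mkdir -p %{buildroot}/etc/audit/rules.d/
# Audit rule files show what is and is not being recorded, so the file is
# created with an explicit restrictive mode instead of inheriting whatever
# umask the build environment happens to use.
# NOTE(review): the sample-rules path depends on the audit version in the
# build environment - confirm it for every target distribution.
install -m 0640 /usr/share/audit/sample-rules/30-stig.rules %{buildroot}/etc/audit/rules.d/stig-hardening.rules
# "-e 1" turns auditing on but leaves the loaded rule set changeable at run
# time by anyone able to run auditctl as root.
# NOTE(review): hardening baselines commonly finish with "-e 2", which locks
# the rules until reboot; presumably the upstream sample set also expects its
# base-config and finalize rule files alongside this one - confirm both.
echo "-e 1" >> %{buildroot}/etc/audit/rules.d/stig-hardening.rules
# Placeholder documentation file picked up by the doc entry in the file list.
echo "Hallo" > README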
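%post
echo "doing the stig work..."
# enable audit
# systemctl is the unit manager; sysctl only reads and writes kernel
# parameters, so the previous "sysctl enable/start" calls failed and left
# auditd disabled. A failure is reported on stderr instead of aborting the
# scriptlet, because systemd is not running in image builds and chroots.
systemctl enable auditd.service || echo "stig-hardening: could not enable auditd.service" >&2
systemctl start auditd.service || echo "stig-hardening: could not start auditd.service" >&2
# Starting a unit that is already active is a no-op, so an auditd that was
# running before installation would keep its old rule set; reload explicitly.
# This is expected to fail when the kernel audit configuration is locked.
augenrules --load || echo "stig-hardening: audit rules not reloaded, reboot or reload manually" >&2
# TODO: force enable FIPS - not implemented; the FIPS pattern is installed as
# a dependency but FIPS mode itself is not switched on here.
# TODO: check and enable firewall? - not implemented.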
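%files
%defattr(-, root, root)
%doc README
# Pin owner and mode in the package so the installed rule file is never
# world-readable, whatever mode it had in the build root; rpm verification
# then also reports later permission changes.
# NOTE(review): the file is not marked as a config file, so a package update
# overwrites local edits without keeping a copy - decide whether that is the
# intended behaviour for a baseline.
%attr(0640,root,root) /etc/audit/rules.d/stig-hardening.rules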
%changelog