heat charm causes non DISA-STIG compliance
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Heat Charm |
New
|
Undecided
|
Unassigned |
Bug Description
ubuntu 20.04.5
juju 2.9.37
charm latest/stable rev CH:485
heat 14.2.0
Ussuri
When running `sudo usg fix disa_stig` against an ubuntu 20.04.5 machine, it becomes DISA-STIG compliant.
running `juju add-machine <user>@<ip>` and then `juju deploy heat --to 0` causes DISA-STIG to no longer be compliant
Specifically, running a diff against the compliant results `sudo usg audit disa_stig` and then against the newly deployed heat charm causes the following diff:
```
- <rule-result idref="
- <result>
+ <rule-result idref="
+ <result>
```
heat charm is breaking the permissions_