Marcus Burghardt

This issue was raised when I was working on https://github.com/ComplianceAsCode/content/pull/12419

/packit build

> @ComplianceAsCode/trusted-developers anyone can help with the failing test that prevent this PR from merging? It seems the issue with the `no_empty_passwords` rule is legit. I couldn't go deep investigating...

Probably related PR: https://github.com/ComplianceAsCode/content/pull/12351

For reference: https://complianceascode.readthedocs.io/en/latest/tests/README.html#augmenting-using-shared-templates

The `auditd_audispd_syslog_plugin_activated` rule is still not in `rhel8/ospp.profile`. Is it intentional?

CI tests for ANSSI are returning error with rules `service_sssd_enabled` and `sssd_enable_pam_services`. The remediation of `sssd_enable_pam_services` is not supposed to create `sssd` conf files, as it was incorrectly doing before...

> CI tests for ANSSI are returning error with rules `service_sssd_enabled` and `sssd_enable_pam_services`. The remediation of `sssd_enable_pam_services` is not supposed to create `sssd` conf files, as it was incorrectly doing...

I saw that other SSSD related rules could benefit of the applicability introduced here. I have plan to check these rules in another opportunity. Each rule uses a different approach....

It seems OVAL is fine. Not sure about Bash and Ansible remediation. We should double check the used macros.