From 35fa42e0786d62ad7cb6f80b33d35012ad222bec Mon Sep 17 00:00:00 2001
From: Major Hayden
Date: Tue, 8 Nov 2016 09:25:18 -0600
Subject: [PATCH] Refactor package removal

This patch changes the package removal so that it uses the 'package' module rather than splitting into two tasks for apt and rpm.

Implements: blueprint security-rhel7-stig
Change-Id: I763165b73e9343c379185d886caf39e2e139ad62
---
 tasks/rhel7stig/packages.yml | 32 ++------------------------------
 1 file changed, 2 insertions(+), 30 deletions(-)

diff --git a/tasks/rhel7stig/packages.yml b/tasks/rhel7stig/packages.yml
index 32710a8b..43815f42 100644
--- a/tasks/rhel7stig/packages.yml
+++ b/tasks/rhel7stig/packages.yml
@@ -13,8 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-- name: Add or remove packages based on STIG requirements (dpkg)
- apt:
+- name: Add or remove packages based on STIG requirements
+ package:
 name: |
 {%- set pkg_list = [] %}
 {%- for package_dict in item[1] %}
@@ -22,34 +22,6 @@
 {%- endfor %}
 {{ pkg_list }}
 state: "{{ item[0] }}"
- when:
- - ansible_os_family | lower == 'debian'
- with_items:
- - "{{ stig_packages | selectattr('enabled') | groupby('state') }}"
- tags:
- - cat1
- - auth
- - packages
- - services
- - RHEL-07-010072
- - RHEL-07-021910
- - RHEL-07-020000
- - RHEL-08-020010
- - RHEL-07-040260
- - RHEL-07-040500
- - RHEL-07-040560
-
-- name: Add or remove packages based on STIG requirements (rpm)
- yum:
- name: |
- {%- set pkg_list = [] %}
- {%- for package_dict in item[1] %}
- {%- if pkg_list.extend(package_dict.packages) %}{% endif %}
- {%- endfor %}
- {{ pkg_list }}
- state: "{{ item[0] }}"
- when:
- - ansible_os_family | lower == 'redhat'
 with_items:
 - "{{ stig_packages | selectattr('enabled') | groupby('state') }}"
 tags:
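Review bot: In the first hunk the single `package:` task now passes `state: "{{ item[0] }}"` to whichever backend the host uses, so every `state` value in `stig_packages` must be one that both apt and yum accept, and nothing in the task says so. I would add a comment above the task, for example `# 'package' dispatches to the host's package manager; keep stig_packages states to present/absent/latest`, because a backend-specific state would make this hardening task fail on the other distribution family. The task's `tags:` list continues past the end of the second hunk. The removed dpkg copy carried `RHEL-08-020010`, which looks like a typo for a RHEL-07 ID, so it is worth checking whether the retained list has the same entry, since a mistyped tag would keep the task from being selected by that control's ID.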