From 6234aae8c1f9ccd1d29d544119e01d96021e88bc Mon Sep 17 00:00:00 2001
From: Vojtech Polasek
Date: Tue, 5 Dec 2023 13:48:34 +0100
Subject: [PATCH 1/3] add warning to rule timer_logrotate_enabled although the rule has rhel7 and rhel8 prodtype, it does not make sense on those products
---
 .../logging/log_rotation/timer_logrotate_enabled/rule.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
index 3804fdbe387..bf18c97c6b9 100644
--- a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
+++ b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
@@ -54,3 +54,11 @@ template:
 vars:
 timername: logrotate
 packagename: logrotate
+
+{{% if product in ["rhel7", "rhel8"] %}}
+warnings:
+ - general:
+ The Systemd unit logrotate.timer does not exist in
+ {{{ full_name }}}. The rule ensure_logrotate_activated is
+ suggested instead.
+{{% endif %}}
From bcb129eefda8daf6b1b9aae4abff88d8290dcdcc Mon Sep 17 00:00:00 2001
From: Vojtech Polasek
Date: Tue, 5 Dec 2023 13:49:27 +0100
Subject: [PATCH 2/3] remove the rule from the rhel7 pci-dss profile
---
 products/rhel7/profiles/pci-dss.profile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/products/rhel7/profiles/pci-dss.profile b/products/rhel7/profiles/pci-dss.profile
index 7b2ff949257..b705a831442 100644
--- a/products/rhel7/profiles/pci-dss.profile
+++ b/products/rhel7/profiles/pci-dss.profile
@@ -30,3 +30,4 @@ selections:
 - '!service_ntp_enabled'
 - '!set_ipv6_loopback_traffic'
 - '!set_loopback_traffic'
+ - '!timer_logrotate_enabled'
From 147b1fc11751648fc4bdf9be40175a9c585fb716 Mon Sep 17 00:00:00 2001
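Review bot: The new `warnings:` block in rule.yml only documents that logrotate.timer is missing on rhel7 and rhel8; the rule stays buildable and selectable there (the commit message says the prodtype still lists both), so any profile or tailoring that selects it will presumably report a failure that cannot be remediated, since the `template:` section above still targets `timername: logrotate`. If the rule is kept for those products, the warning should state that outcome explicitly, e.g. `This rule is expected to fail on {{{ full_name }}}; select ensure_logrotate_activated instead.` The `general:` value is also a plain multi-line scalar, so it would stop parsing as intended if the expanded `{{{ full_name }}}` or a later edit introduced `: ` or ` #`; writing it as `- general: |-` avoids that. The prodtype line and the start of the `template:` block are outside this hunk.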
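Review bot: Nothing visible in this hunk selects ensure_logrotate_activated, the replacement named in the new rule warning, when `- '!timer_logrotate_enabled'` excludes the timer check from the rhel7 PCI-DSS profile; the same applies to the identical line added to the rhel8 profile in PATCH 3/3. If that rule does not already arrive through selections made outside these hunks, log rotation would go unchecked in both profiles, so this should be confirmed against the resolved profiles. A short comment above the exclusion would record why it is there, e.g. `# logrotate.timer does not exist on this product; see ensure_logrotate_activated`. PATCH 3/3 updates tests/data/profile_stability for rhel8 only; if a rhel7 counterpart exists it needs the same removal. The `selections:` list begins outside the hunk.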
From: Vojtech Polasek
Date: Tue, 5 Dec 2023 13:49:48 +0100
Subject: [PATCH 3/3] remove the rule from rhel8 pci-dss profile
---
 products/rhel8/profiles/pci-dss.profile | 1 +
 tests/data/profile_stability/rhel8/pci-dss.profile | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/products/rhel8/profiles/pci-dss.profile b/products/rhel8/profiles/pci-dss.profile
index 6f6667618da..bbd00df1848 100644
--- a/products/rhel8/profiles/pci-dss.profile
+++ b/products/rhel8/profiles/pci-dss.profile
@@ -33,3 +33,4 @@ selections:
 - '!set_ipv6_loopback_traffic'
 - '!set_loopback_traffic'
 - '!service_ntpd_enabled'
+ - '!timer_logrotate_enabled'
diff --git a/tests/data/profile_stability/rhel8/pci-dss.profile b/tests/data/profile_stability/rhel8/pci-dss.profile
index 4c486e94ce6..fd8d8da498a 100644
--- a/tests/data/profile_stability/rhel8/pci-dss.profile
+++ b/tests/data/profile_stability/rhel8/pci-dss.profile
@@ -145,7 +145,6 @@ selections:
 - file_permissions_var_log_audit
 - package_telnet-server_removed
 - file_permissions_unauthorized_world_writable
-- timer_logrotate_enabled
 - package_tftp-server_removed
 - file_permissions_sshd_private_key
 - sshd_disable_tcp_forwarding