db2663b116
This patch adds functionality to enable autoremoval of dependencies when a package is removed. This can be dangerous, so it is disabled by default. Docs are included. Implements: blueprint security-rhel7-stig Change-Id: Ie88ffaec33249ac2ff03bf3d712533b382fac877
454 B
454 B
---id: RHEL-07-020200 status: opt-in tag: packages ---
Although the STIG requires that dependent packages are removed automatically when a package is removed, this can cause problems with certain packages, especially kernels. Deployers must opt in to meet the requirements of this STIG control.
Deployers should set the following variable to enable automatic dependent package removal:
security_package_clean_on_remove: yes