From a76930c35acc3eea8e8c76f048db99034962d4e2 Mon Sep 17 00:00:00 2001
From: Eduardo Barretto <eduardo.barretto@canonical.com>
Date: Mon, 27 Sep 2021 13:35:09 +0200
Subject: [PATCH 1/2] Make package_mcafeetp_installed work on Ubuntu

---
 .../package_mcafeetp_installed/rule.yml           | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
index 095b6ab02d5..6159a69ed74 100644
--- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
@@ -1,6 +1,12 @@
+{{% if 'ubuntu' in product %}}
+{{% set pkg='mfetp' %}}
+{{% else %}}
+{{% set pkg='mcafeetp' %}}
+{{% endif %}}
+
 documentation_complete: true
 
-prodtype: rhel7,rhel8
+prodtype: ol7,ol8,rhel7,rhel8,ubuntu2004
 
 title: 'Install McAfee Endpoint Security for Linux (ENSL)'
 
@@ -9,7 +15,7 @@ description: |-
     which is provided for DoD systems and uses signatures to search for the
     presence of viruses on the filesystem.
 
-    {{{ describe_package_install(package="mcafeetp") }}}
+    {{{ describe_package_install(package=pkg) }}}
 
 rationale: |-
     Virus scanning software can be used to detect if a system has been compromised by
@@ -25,12 +31,14 @@ references:
     disa: CCI-001233
     nist: SI-2(2)
     srg: SRG-OS-000191-GPOS-00080
+    stigid@ol7: OL07-00-020019
     stigid@rhel7: RHEL-07-020019
     stigid@rhel8: RHEL-08-010001
+    stigid@ubuntu2004: UBTU-20-010415
 
 ocil_clause: 'the package is not installed'
 
-ocil: '{{{ ocil_package(package="mcafeetp") }}}'
+ocil: '{{{ ocil_package(package=pkg) }}}'
 
 warnings:
     - general: |-
@@ -41,7 +49,7 @@ warnings:
 template:
     name: package_installed
     vars:
-        pkgname: mcafeetp
+        pkgname: {{{ pkg }}}
     backends:
         bash: "off"
         ansible: "off"

From 7674ec00ff042551bd9469c2aa07bd79ce320933 Mon Sep 17 00:00:00 2001
From: Eduardo Barretto <eduardo.barretto@canonical.com>
Date: Mon, 27 Sep 2021 13:35:34 +0200
Subject: [PATCH 2/2] Add package_mcafeetp_installed to Ubuntu 20.04 STIG
 Profile

---
 products/ubuntu2004/profiles/stig.profile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/products/ubuntu2004/profiles/stig.profile b/products/ubuntu2004/profiles/stig.profile
index 90002996d06..a44039adf3d 100644
--- a/products/ubuntu2004/profiles/stig.profile
+++ b/products/ubuntu2004/profiles/stig.profile
@@ -442,6 +442,7 @@ selections:
     - encrypt_partitions
 
     # UBTU-20-010415 The Ubuntu operating system must deploy Endpoint Security for Linux Threat Prevention (ENSLTP).
+    - package_mcafeetp_installed
 
     # UBTU-20-010416 The Ubuntu operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.
     - permissions_local_var_log