mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
31 lines
1012 B
Plaintext
31 lines
1012 B
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * security/compliance_operator/co-scans/compliance-operator-remediation.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="compliance-unapplying_{context}"]
|
|
= Unapplying a remediation
|
|
|
|
It might be required to unapply a remediation that was previously applied.
|
|
|
|
.Procedure
|
|
. Set the `apply` flag to `false`:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc -n openshift-compliance \
|
|
patch complianceremediations/rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects \
|
|
--patch '{"spec":{"apply":false}}' --type=merge
|
|
----
|
|
|
|
. The remediation status will change to `NotApplied` and the composite `MachineConfig` object would be re-rendered to not include the remediation.
|
|
+
|
|
[IMPORTANT]
|
|
====
|
|
All affected nodes with the remediation will be rebooted.
|
|
====
|
|
|
|
[IMPORTANT]
|
|
====
|
|
The Compliance Operator does not automatically resolve dependency issues that can occur between remediations. Users should perform a rescan after remediations are applied to ensure accurate results.
|
|
==== |