From 6d03b500f275ef9c9cc0f9f31c1c1f2ea3e213eb Mon Sep 17 00:00:00 2001
From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com>
Date: Wed, 12 Nov 2025 13:18:05 +0200
Subject: [PATCH] Fix aide periodic check remediation for sle15/sle16

Make sure the cron packages and configuration files for aide are aligned with the platform
---
 .../ansible/shared.yml | 16 ++++++++++++---
 .../bash/shared.sh | 20 +++++++++++++++----
 2 files changed, 29 insertions(+), 7 deletions(-)

diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
index 2ac0e025d6cc..b0d414ce929a 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
@@ -17,20 +17,30 @@
 {{% endif %}}
 state: present
+- name: "Gather list of installed packages"
+ ansible.builtin.package_facts:
+ manager: auto
+
 {{% if product != 'ubuntu2404' %}}
 - name: "{{{ rule_title }}}"
 ansible.builtin.cron:
-{{% if product in ["sle12", "sle15"] %}}
+{{% if product in ["sle12", "sle15", "sle16"] %}}
 name: "{{{ rule_title }}}"
- cron_file: /etc/crontab
+ cron_file: /etc/cron.d/dailyaidecheck
 {{% else %}}
 name: "run AIDE check"
 {{% endif %}}
 minute: 05
 hour: 04
- weekday: 0
 user: root
 job: "{{{ aide_bin_path }}} --check"
+ register: crontab_check
+{{% if "ubuntu" in product or "debian" in product %}}
+ when: "'cron' in ansible_facts.packages"
+{{% else %}}
+ when: "'cronie' in ansible_facts.packages"
+{{% endif %}}
+
 {{% else %}}
 - name: "{{{ rule_title }}} - Install AIDE Cron Job"
 ansible.builtin.lineinfile:
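Review bot: The `when:` guard on the cron task makes this remediation skip without error when `cron`/`cronie` is not in `ansible_facts.packages`, so a play can finish cleanly with no AIDE check scheduled, while the Bash remediation in this patch installs the cron package instead. The install task above the hunk is only partly visible; if it does not already pull in the cron package, adding it there (or failing the play when it is missing) would keep file-integrity monitoring from being dropped silently. `sle12` is also routed to `cron_file: /etc/cron.d/dailyaidecheck` here while the Bash hunk keeps sle12 on `/etc/crontab`, so the two remediations write different files on that product; the lists should match. `register: crontab_check` is not used in the visible lines and could be removed unless a later task reads it.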
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
index 7b17c1c02d6f..6436d2cd02a0 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
@@ -2,9 +2,21 @@
 {{{ bash_package_install("aide") }}}
-if ! grep -q "{{{ aide_bin_path }}} --check" /etc/crontab ; then
- echo "05 4 * * * root {{{ aide_bin_path }}} --check" >> /etc/crontab
+{{% if "ubuntu" in product or "debian" in product %}}
+{{{ bash_package_install("cron") }}}
+{{% else %}}
+{{{ bash_package_install("cronie") }}}
+{{% endif %}}
+
+{{% if product in ["sle15", "sle16"] %}}
+CRON_FILE="/etc/cron.d/dailyaidecheck"
+{{% else %}}
+CRON_FILE="/etc/crontab"
+{{% endif %}}
+
+if ! grep -q "{{{ aide_bin_path }}} --check" "${CRON_FILE}" ; then
+ echo "05 4 * * * root {{{ aide_bin_path }}} --check" >> "${CRON_FILE}"
 else
- sed -i '\!^.*{{{ aide_bin_dir }}} --check.*$!d' /etc/crontab
- echo "05 4 * * * root {{{ aide_bin_path }}} --check" >> /etc/crontab
+ sed -i '\!^.*{{{ aide_bin_dir }}} --check.*$!d' "${CRON_FILE}"
+ echo "05 4 * * * root {{{ aide_bin_path }}} --check" >> "${CRON_FILE}"
 fi
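Review bot: The `sed` line in the `else` branch still matches on `aide_bin_dir` while the `grep` and the `echo` lines use `aide_bin_path`; if the two macros expand differently (their values are not visible here), the delete does not match the existing entry and every run appends another copy to `${CRON_FILE}`. Using the same macro, `sed -i '\!^.*{{{ aide_bin_path }}} --check.*$!d' "${CRON_FILE}"`, keeps the rewrite idempotent. On sle15/sle16 `/etc/cron.d/dailyaidecheck` may not exist on the first run, so `grep -qs` avoids the error output, and the file created by `>>` takes its mode from the umask; setting it explicitly, e.g. `chmod 0644 "${CRON_FILE}"`, is worth adding since cron daemons commonly ignore files in /etc/cron.d with loose permissions. An AIDE entry previously written to `/etc/crontab` on those products is left in place, so the check may end up scheduled twice.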