From 22a6571ad301d1da27b10ee2760bcbee2dc9e79b Mon Sep 17 00:00:00 2001 From: Watson Sato Date: Fri, 29 Jan 2021 14:59:54 +0100 Subject: [PATCH] Remove rule for /boot noauto from R13 Disable the rule until mount options for /boot can be checked without the need for the partition to be mounted. --- controls/anssi.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/controls/anssi.yml b/controls/anssi.yml index fcf2a4f7a104..2173d23f9dd4 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml @@ -229,8 +229,11 @@ controls: description: >- When possible, the /boot partition should not be mounted. In any case, access to the /boot directory must only be allowed to the root user. - rules: - - mount_option_boot_noauto + notes: >- + The rule disabling auto-mount for /boot is commented until the rules checking for other + /boot mount options are updated to handle this usecase. + #rules: + #- mount_option_boot_noauto - id: R14 level: intermediary
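Review bot: In the R13 entry of controls/anssi.yml, commenting out `rules:` and `- mount_option_boot_noauto` leaves the control with no rule in the lines shown, so nothing under R13 checks either part of its description (that /boot is not mounted, and that access to /boot is limited to root). The added `notes:` text states the condition for re-enabling only in general terms; naming the rules that need updating, or adding a tracking reference, would keep the commented-out lines from being forgotten. The commit subject says "Remove" while the diff only comments the rule out and the body says "Disable", so aligning the subject with the body would make the history easier to search. Minor wording in the note: "commented" should read "commented out" and "usecase" should be "use case".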