From e4cb1902374fc428f7294b4ee96d6980788f2efd Mon Sep 17 00:00:00 2001
From: Michael Boelen <michael.boelen@cisofy.com>
Date: Sat, 25 Nov 2017 16:11:04 +0100
Subject: [PATCH] Support for allow-auto-purge option in profiles

---
 default.prf      |  3 +++
 include/profiles | 10 ++++++++++
 2 files changed, 13 insertions(+)

diff --git a/default.prf b/default.prf
index 59338a8e..7ffb0679 100644
--- a/default.prf
+++ b/default.prf
@@ -460,6 +460,9 @@ permdir:/root/.ssh:rwx------:root:-:WARN:
 #
 #################################################################################
 
+# Allow this system to be purged when it is outdated (default: not defined).
+# This is useful for ephemeral systems which are short-lived.
+#allow-auto-purge=yes
 
 # Proxy settings
 # Protocol (http, https, socks5)
diff --git a/include/profiles b/include/profiles
index 4b7741fd..2a468b17 100644
--- a/include/profiles
+++ b/include/profiles
@@ -45,6 +45,16 @@
 
             case ${OPTION} in
 
+                # Is Lynis Enterprise allowed to purge this system when it is becomes outdated?
+                allow-auto-purge)
+                    FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)$")
+                    if [ ! -z "${FIND}" ]; then
+                        Report "allow-auto-purge=1"
+                    else
+                        Report "allow-auto-purge=0"
+                    fi
+                ;;
+
                 # Define which compliance standards are enabled
                 # For this to work, the Enterprise plugins are needed
                 compliance_standards | check-compliance)