From 50f534a5df6dd86909f76d6e6e94d930b6677473 Mon Sep 17 00:00:00 2001
From: mickael e <mickael@freedom.press>
Date: Mon, 3 Dec 2018 10:11:15 -0500
Subject: [PATCH] Revert "Add intel-microcode package"

This reverts commit aeb9f1d38b9b9d06eb61fc7280aca65251bd501b.

intel-microcode is in trusty-security, however, the package on which in
depends, iucode-tool is in trusty-multiverse. Because cron-apt will only
pull in packages from trusty-security, iucode-tool cannot be installed,
therefore intel-microcode cannot be installed, and securedrop-grsec is
in a broken state.
---
 install_files/ansible-base/group_vars/all/securedrop | 2 +-
 molecule/testinfra/staging/common/test_grsecurity.py | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/install_files/ansible-base/group_vars/all/securedrop b/install_files/ansible-base/group_vars/all/securedrop
index 950b4dd7f4..f3c7c4306b 100644
--- a/install_files/ansible-base/group_vars/all/securedrop
+++ b/install_files/ansible-base/group_vars/all/securedrop
@@ -54,4 +54,4 @@ securedrop_cond_reboot_file: /tmp/sd-reboot-now
 # If you bump this, also remember to bump in molecule/builder/tests/vars.yml
 securedrop_pkg_grsec:
   ver: "4.4.162"
-  depends: "intel-microcode,linux-image-4.4.144-grsec,linux-firmware-image-4.4.144-grsec,linux-image-4.4.162-grsec,linux-firmware-image-4.4.162-grsec"
+  depends: "linux-image-4.4.144-grsec,linux-firmware-image-4.4.144-grsec,linux-image-4.4.162-grsec,linux-firmware-image-4.4.162-grsec"
diff --git a/molecule/testinfra/staging/common/test_grsecurity.py b/molecule/testinfra/staging/common/test_grsecurity.py
index 2ea8729e4c..40307ec989 100644
--- a/molecule/testinfra/staging/common/test_grsecurity.py
+++ b/molecule/testinfra/staging/common/test_grsecurity.py
@@ -19,7 +19,6 @@ def test_ssh_motd_disabled(File):
 @pytest.mark.skipif(os.environ.get('FPF_GRSEC', 'true') == "false",
                     reason="Need to skip in environment w/o grsec")
 @pytest.mark.parametrize("package", [
-    'intel-microcode',
     'linux-firmware-image-{}-grsec'.format(KERNEL_VERSION),
     'linux-image-{}-grsec'.format(KERNEL_VERSION),
     'paxctl',