skyler / rpms / scap-security-guide

Forked from rpms/scap-security-guide 3 years ago
Clone
Source Code
GIT

Files

  1.   dac76ab332cb6f7ca5cdbec311d2754a26f6d91e
  2.   SOURCES
  3.   scap-security-guide-0.1.50-add_package_libselinux_installed_PR_5312.patch
Blob Blame History Raw 
From c10f34d8c3932784d69eb0d7b5cff640139ded52 Mon Sep 17 00:00:00 2001
From: Vojtech Polasek <vpolasek@redhat.com>
Date: Thu, 19 Mar 2020 09:55:24 +0100
Subject: [PATCH 1/3] add new rule

---
 .../package_libselinux_installed/rule.yml     | 38 +++++++++++++++++++
 2 files changed, 38 insertions(+), 2 deletions(-)
 create mode 100644 linux_os/guide/system/selinux/package_libselinux_installed/rule.yml

diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
new file mode 100644
index 0000000000..a9970fb2c2
--- /dev/null
+++ b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
@@ -0,0 +1,38 @@
+documentation_complete: true
+
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,ocp4
+
+title: 'Install libselinux Package'
+
+description: |-
+    {{{ describe_package_install(package="libselinux") }}}
+
+rationale: |-
+    Security-enhanced Linux is a feature of the Linux kernel and a number of utilities
+    with enhanced security functionality designed to add mandatory access controls to Linux.
+    The Security-enhanced Linux kernel contains new architectural components originally
+    developed to improve security of the Flask operating system. These architectural components
+    provide general support for the enforcement of many kinds of mandatory access control
+    policies, including those based on the concepts of Type Enforcement, Role-based Access
+    Control, and Multi-level Security. 
+
+    The <tt>libselinux</tt> package contains the core library of the Security-enhanced Linux system.  
+
+severity: high
+
+identifiers:
+    cce@rhel7: 82876-4
+    cce@rhel8: 82877-2
+
+references:
+    cis@rhel7: 1.6.2
+    cis@rhel8: 1.7.1.1
+
+ocil_clause: 'the package is not installed'
+
+ocil: '{{{ ocil_package(package="libselinux") }}}'
+
+template:
+    name: package_installed
+    vars:
+        pkgname: libselinux
From 80e8674b374cd82510abcf923a18235bae3e5948 Mon Sep 17 00:00:00 2001
From: Vojtech Polasek <vpolasek@redhat.com>
Date: Thu, 19 Mar 2020 15:48:10 +0100
Subject: [PATCH 3/3] change wording of rationale

---
 .../system/selinux/package_libselinux_installed/rule.yml     | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
index a9970fb2c2..2855c21c90 100644
--- a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
+++ b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
@@ -10,11 +10,6 @@ description: |-
 rationale: |-
     Security-enhanced Linux is a feature of the Linux kernel and a number of utilities
     with enhanced security functionality designed to add mandatory access controls to Linux.
-    The Security-enhanced Linux kernel contains new architectural components originally
-    developed to improve security of the Flask operating system. These architectural components
-    provide general support for the enforcement of many kinds of mandatory access control
-    policies, including those based on the concepts of Type Enforcement, Role-based Access
-    Control, and Multi-level Security. 
 
     The <tt>libselinux</tt> package contains the core library of the Security-enhanced Linux system.

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation