wsato / rpms / scap-security-guide

Forked from rpms/scap-security-guide 3 years ago
Clone
Source Code
GIT

Blame SOURCES/scap-security-guide-0.1.44-template_file_permissions_use_regex.patch

c7 c7-alt c7-beta c8 c8-beta c8s
  1.   0d5c1071ad2a95875eb936dc89d01b07d25105ff
  2.   SOURCES
  3.   scap-security-guide-0.1.44-template_file_permissions_use_regex.patch
Blob History Raw
0d5c10 
From 1732e962e1157832e77a5471a4cd9ebeb6da83a5 Mon Sep 17 00:00:00 2001
0d5c10 
From: Watson Sato <wsato@redhat.com>
0d5c10 
Date: Tue, 19 Mar 2019 16:34:37 +0100
0d5c10 
Subject: [PATCH 1/2] Set use_regex to true
0d5c10
0d5c10 
The specified pattern is a regular expression
0d5c10 
---
0d5c10 
 shared/templates/template_ANSIBLE_file_regex_permissions | 1 +
0d5c10 
 1 file changed, 1 insertion(+)
0d5c10
0d5c10 
diff --git a/shared/templates/template_ANSIBLE_file_regex_permissions b/shared/templates/template_ANSIBLE_file_regex_permissions
0d5c10 
index cfa6073347..6be3b0db2e 100644
0d5c10 
--- a/shared/templates/template_ANSIBLE_file_regex_permissions
0d5c10 
+++ b/shared/templates/template_ANSIBLE_file_regex_permissions
0d5c10 
@@ -7,6 +7,7 @@
0d5c10 
   find:
0d5c10 
     paths: "{{{ FILEPATH }}}"
0d5c10 
     patterns: "{{{ FILENAME }}}"
0d5c10 
+    use_regex: yes
0d5c10 
   register: files_found
0d5c10 
   tags:
0d5c10 
     @ANSIBLE_TAGS@
0d5c10
0d5c10 
From 64c07573e7b30bed581e1765f0964d8934b5ee58 Mon Sep 17 00:00:00 2001
0d5c10 
From: Watson Sato <wsato@redhat.com>
0d5c10 
Date: Tue, 19 Mar 2019 16:35:27 +0100
0d5c10 
Subject: [PATCH 2/2] Add test for multiple ssh keys
0d5c10
0d5c10 
---
0d5c10 
 .../multiple_keys.fail.sh                                 | 8 ++++++++
0d5c10 
 1 file changed, 8 insertions(+)
0d5c10 
 create mode 100644 tests/data/group_services/group_ssh/rule_file_permissions_sshd_private_key/multiple_keys.fail.sh
0d5c10
0d5c10 
diff --git a/tests/data/group_services/group_ssh/rule_file_permissions_sshd_private_key/multiple_keys.fail.sh b/tests/data/group_services/group_ssh/rule_file_permissions_sshd_private_key/multiple_keys.fail.sh
0d5c10 
new file mode 100644
0d5c10 
index 0000000000..7942950dda
0d5c10 
--- /dev/null
0d5c10 
+++ b/tests/data/group_services/group_ssh/rule_file_permissions_sshd_private_key/multiple_keys.fail.sh
0d5c10 
@@ -0,0 +1,8 @@
0d5c10 
+#!/bin/bash
0d5c10 
+#
0d5c10 
+# profiles = xccdf_org.ssgproject.content_profile_ospp
0d5c10 
+
0d5c10 
+FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
0d5c10 
+chmod 0777 $FAKE_KEY
0d5c10 
+FAKE_KEY2=$(mktemp -p /etc/ssh/ XXXX_key)
0d5c10 
+chmod 0640 $FAKE_KEY2

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation