rpms / scap-security-guide

Clone
Source Code
GIT

Blame SOURCES/scap-security-guide-0.1.58-update_stig_mapping_table-PR_7327.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   889f2b583f8e6c5f14571e0d693652afe8844c45
  2.   SOURCES
  3.   scap-security-guide-0.1.58-update_stig_mapping_table-PR_7327.patch
Blob History Raw
889f2b 
From ea1bab197a17dd944e41a583c82c3cc757bb566b Mon Sep 17 00:00:00 2001
889f2b 
From: Gabriel Becker <ggasparb@redhat.com>
889f2b 
Date: Wed, 4 Aug 2021 12:23:05 +0200
889f2b 
Subject: [PATCH] Update STIG mapping table to reflect statistics of coverage.
889f2b
889f2b 
---
889f2b 
 .../shared_xccdf-apply-overlay-stig.xslt      | 59 +++++++++++++------
889f2b 
 .../transforms/shared_xccdf2table-stig.xslt   | 28 +++++++++
889f2b 
 2 files changed, 68 insertions(+), 19 deletions(-)
889f2b
889f2b 
diff --git a/shared/transforms/shared_xccdf-apply-overlay-stig.xslt b/shared/transforms/shared_xccdf-apply-overlay-stig.xslt
889f2b 
index 945f709b95..b7c000608c 100644
889f2b 
--- a/shared/transforms/shared_xccdf-apply-overlay-stig.xslt
889f2b 
+++ b/shared/transforms/shared_xccdf-apply-overlay-stig.xslt
889f2b 
@@ -28,26 +28,47 @@
889f2b 
       <xsl:variable name="overlay_ref" select="@disa"/>
889f2b 
       <xsl:variable name="overlay_title" select="xccdf:title/@text"/>
889f2b
889f2b 
-      <xsl:for-each select="$rules">
889f2b 
-        <xsl:if test="@id=$overlay_rule">
889f2b 
-		  <Group id="V-{$overlay_id}">
889f2b 
-		    <title>SRG-OS-ID</title>
889f2b 
-		    <description></description>
889f2b 
-            <Rule id="{$overlay_rule}" severity="{$overlay_severity}" >
889f2b 
-			<version><xsl:value-of select="$overlay_version"/></version>
889f2b 
-          	<title><xsl:value-of select="$overlay_title"/></title>
889f2b 
-          	<description><xsl:copy-of select="xccdf:rationale/node()" /></description>
889f2b 
-          	<check system="C-{$overlay_id}_chk">
889f2b 
-              <check-content>
889f2b 
-					      <xsl:apply-templates select="xccdf:check[@system='http://scap.nist.gov/schema/ocil/2']"/>
889f2b 
-              </check-content>
889f2b 
-          	</check>
889f2b 
-		  	<ident system="https://public.cyber.mil/stigs/cci"><xsl:value-of select="$overlay_ref" /></ident>
889f2b 
-          	<fixtext><xsl:copy-of select="xccdf:description/node()" /></fixtext>
889f2b 
-          </Rule>
889f2b 
+      <xsl:choose>
889f2b 
+        <xsl:when test="$overlay_rule='XXXX'">
889f2b 
+          <Group id="V-{$overlay_id}">
889f2b 
+            <title>SRG-OS-ID</title>
889f2b 
+            <description></description>
889f2b 
+                <Rule id="Missing Rule" severity="{$overlay_severity}" >
889f2b 
+          <version><xsl:value-of select="$overlay_version"/></version>
889f2b 
+                <title><xsl:value-of select="$overlay_title"/></title>
889f2b 
+                <description></description>
889f2b 
+                <check system="C-{$overlay_id}_chk">
889f2b 
+                  <check-content>
889f2b 
+                  </check-content>
889f2b 
+                </check>
889f2b 
+                <ident></ident>
889f2b 
+                <fixtext></fixtext>
889f2b 
+              </Rule>
889f2b 
           </Group>
889f2b 
-        </xsl:if>
889f2b 
-      </xsl:for-each>
889f2b 
+        </xsl:when>
889f2b 
+        <xsl:otherwise>
889f2b 
+          <xsl:for-each select="$rules">
889f2b 
+            <xsl:if test="@id=$overlay_rule">
889f2b 
+          <Group id="V-{$overlay_id}">
889f2b 
+            <title>SRG-OS-ID</title>
889f2b 
+            <description></description>
889f2b 
+                <Rule id="{$overlay_rule}" severity="{$overlay_severity}" >
889f2b 
+          <version><xsl:value-of select="$overlay_version"/></version>
889f2b 
+                <title><xsl:value-of select="$overlay_title"/></title>
889f2b 
+                <description><xsl:copy-of select="xccdf:rationale/node()" /></description>
889f2b 
+                <check system="C-{$overlay_id}_chk">
889f2b 
+                  <check-content>
889f2b 
+                    <xsl:apply-templates select="xccdf:check[@system='http://scap.nist.gov/schema/ocil/2']"/>
889f2b 
+                  </check-content>
889f2b 
+                </check>
889f2b 
+            <ident system="https://public.cyber.mil/stigs/cci"><xsl:value-of select="$overlay_ref" /></ident>
889f2b 
+                <fixtext><xsl:copy-of select="xccdf:description/node()" /></fixtext>
889f2b 
+              </Rule>
889f2b 
+              </Group>
889f2b 
+            </xsl:if>
889f2b 
+          </xsl:for-each>
889f2b 
+        </xsl:otherwise>
889f2b 
+    </xsl:choose>
889f2b
889f2b 
     </xsl:for-each>
889f2b 
     </xsl:copy>
889f2b 
diff --git a/shared/transforms/shared_xccdf2table-stig.xslt b/shared/transforms/shared_xccdf2table-stig.xslt
889f2b 
index 3746c386c0..4c477542f4 100644
889f2b 
--- a/shared/transforms/shared_xccdf2table-stig.xslt
889f2b 
+++ b/shared/transforms/shared_xccdf2table-stig.xslt
889f2b 
@@ -20,6 +20,34 @@
889f2b
889f2b
889f2b
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
+					Total
889f2b 
+					Missing
889f2b 
+					Implemented
889f2b 
+					Coverage
889f2b 
+					STIG ids missing rule
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule))"/>
889f2b 
+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id='Missing Rule']))"/>
889f2b 
+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id!='Missing Rule']))"/>
889f2b 
+					<xsl:value-of select="format-number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id!='Missing Rule']) div count(/cdf:Benchmark/cdf:Group/cdf:Rule)*100, '#.00')"/>%
889f2b 
+
889f2b 
+						<xsl:for-each select="/cdf:Benchmark/cdf:Group/cdf:Rule[@id='Missing Rule']">
889f2b 
+							<xsl:value-of select="cdf:version/node()"/><xsl:text>
</xsl:text>
889f2b 
+						</xsl:for-each>
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
+
889f2b 
 			<xsl:apply-templates select="cdf:Benchmark"/>
889f2b 
 		</body>
889f2b 
 		</html>

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation