Tree - rpms/scap-security-guide

rpms / scap-security-guide

Files

Commit: ff1465361ce508f93601c5dcefe092ef09bc26bb
Blob Blame History Raw
From c988807382a5c0e307567def55fcedcb2e3b75b7 Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Mon, 4 Oct 2021 12:18:05 -0500
Subject: [PATCH 1/4] Update rsyslog_remote_loghost to match STIG and CIS

STIG and CIS only match *.conf files and we matched all files.
Moving to match the benchmarks.

Fixes #7333
---
 .../rsyslog_remote_loghost/oval/shared.xml                      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
index 5895b7fab24..7b5d4968886 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
@@ -39,7 +39,7 @@
 
   <ind:textfilecontent54_object id="object_remote_loghost_rsyslog_d" version="1">
     <ind:path>/etc/rsyslog.d</ind:path>
-    <ind:filename operation="pattern match">.*</ind:filename>
+    <ind:filename operation="pattern match">*.conf</ind:filename>
     <ind:pattern operation="pattern match">^\*\.\*[\s]+(?:@|\:omrelp\:)</ind:pattern>
     <ind:instance datatype="int">1</ind:instance>
   </ind:textfilecontent54_object>

From 19d72d76e6818f47e71245dece0d6faa62cfcdb1 Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Mon, 4 Oct 2021 13:11:10 -0500
Subject: [PATCH 3/4] Add packages so that test suite pass in a container

---
 .../rsyslog_remote_loghost/tests/line_commented.fail.sh          | 1 +
 .../rsyslog_remote_loghost/tests/line_not_there.fail.sh          | 1 +
 .../rsyslog_remote_loghost/tests/remote_configured.pass.sh       | 1 +
 3 files changed, 3 insertions(+)

diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_commented.fail.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_commented.fail.sh
index 52376effea2..760606278b3 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_commented.fail.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_commented.fail.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+# packages = rsyslog
 
 CONF_FILE="/etc/rsyslog.conf"
 LOGHOST_LINE="*.* @@192.168.122.1:5000"
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_not_there.fail.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_not_there.fail.sh
index 8a55da88c8d..ac82180f21c 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_not_there.fail.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_not_there.fail.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+# packages = rsyslog
 
 CONF_FILE="/etc/rsyslog.conf"
 sed -i "/^\*\.\*.*/d" "$CONF_FILE"
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/remote_configured.pass.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/remote_configured.pass.sh
index 8122a490f25..3c396b4e52a 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/remote_configured.pass.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/remote_configured.pass.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+# packages = rsyslog
 
 CONF_FILE="/etc/rsyslog.conf"
 LOGHOST_LINE="*.* @@192.168.122.1:5000"

From e7110e97c808b82a8d6d91c9da42f6c5422747cf Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Mon, 11 Oct 2021 11:33:13 -0500
Subject: [PATCH 4/4] Fix regex on rsyslog_remote_loghost

---
 .../rsyslog_remote_loghost/oval/shared.xml                      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
index 7b5d4968886..0fdd24e18c2 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
@@ -39,7 +39,7 @@
 
   <ind:textfilecontent54_object id="object_remote_loghost_rsyslog_d" version="1">
     <ind:path>/etc/rsyslog.d</ind:path>
-    <ind:filename operation="pattern match">*.conf</ind:filename>
+    <ind:filename operation="pattern match">^.+\.conf$</ind:filename>
     <ind:pattern operation="pattern match">^\*\.\*[\s]+(?:@|\:omrelp\:)</ind:pattern>
     <ind:instance datatype="int">1</ind:instance>
   </ind:textfilecontent54_object>
rpms / scap-security-guide

Source Code

Files
