<def-group>
 <!-- THIS FILE IS GENERATED by create_sysctl_checks.py.  DO NOT EDIT.  -->
  <definition class="compliance" id="sysctl_SYSCTLID" version="2">
    <metadata>
      <title>Kernel Runtime Parameter "SYSCTLVAR" Check</title>
      <affected family="unix">
        <platform>Red Hat Enterprise Linux 7</platform>
      </affected>
      <description>The kernel runtime parameter "SYSCTLVAR" should be set to "SYSCTLVAL".</description>
      <reference source="swells" ref_id="20140912" ref_url="test_attestation" />
    </metadata>
    <criteria operator="AND">
      <criterion comment="kernel runtime parameter SYSCTLVAR set to SYSCTLVAL" test_ref="test_runtime_sysctl_SYSCTLID" />
      <criteria operator="OR">
        <criterion comment="kernel static parameter SYSCTLVAR set to SYSCTLVAL in /etc/sysctl.conf" test_ref="test_static_sysctl_SYSCTLID" />
        <!-- see sysctl.d(5) -->
        <criterion comment="kernel static parameter SYSCTLVAR set to SYSCTLVAL in /etc/sysctl.d/*.conf" test_ref="test_static_etc_sysctld_SYSCTLID" />
        <criterion comment="kernel static parameter SYSCTLVAR set to SYSCTLVAL in /run/sysctl.d/*.conf" test_ref="test_static_run_sysctld_SYSCTLID" />
        <criterion comment="kernel static parameter SYSCTLVAR set to SYSCTLVAL in /usr/lib/sysctl.d/*.conf" test_ref="test_static_usr_lib_sysctld_SYSCTLID" />
      </criteria>
    </criteria>
  </definition>

  <unix:sysctl_test check="all" check_existence="all_exist" comment="kernel runtime parameter SYSCTLVAR set to SYSCTLVAL" id="test_runtime_sysctl_SYSCTLID" version="1">
    <unix:object object_ref="object_sysctl_SYSCTLID" />
    <unix:state state_ref="state_sysctl_SYSCTLID" />
  </unix:sysctl_test>

  <ind:textfilecontent54_test check="all" check_existence="all_exist" comment="SYSCTLVAR static configuration" id="test_static_sysctl_SYSCTLID" version="1">
    <ind:object object_ref="object_static_sysctl_SYSCTLID" />
  </ind:textfilecontent54_test>

  <ind:textfilecontent54_test check="all" comment="SYSCTLVAR static configuration in /etc/sysctl.d/*.conf" id="test_static_etc_sysctld_SYSCTLID" version="1">
    <ind:object object_ref="object_static_etc_sysctld_SYSCTLID" />
  </ind:textfilecontent54_test>

  <ind:textfilecontent54_test check="all" comment="SYSCTLVAR static configuration in /etc/sysctl.d/*.conf" id="test_static_run_sysctld_SYSCTLID" version="1">
    <ind:object object_ref="object_static_run_sysctld_SYSCTLID" />
  </ind:textfilecontent54_test>

  <ind:textfilecontent54_test check="all" comment="SYSCTLVAR static configuration in /etc/sysctl.d/*.conf" id="test_static_usr_lib_sysctld_SYSCTLID" version="1">
    <ind:object object_ref="object_static_usr_lib_sysctld_SYSCTLID" />
  </ind:textfilecontent54_test>

  <ind:textfilecontent54_object id="object_static_sysctl_SYSCTLID" version="1">
    <ind:filepath>/etc/sysctl.conf</ind:filepath>
    <ind:pattern operation="pattern match">^[\s]*SYSCTLVAR[\s]*=[\s]*SYSCTLVAL[\s]*$</ind:pattern>
    <ind:instance datatype="int">1</ind:instance>
  </ind:textfilecontent54_object>

  <ind:textfilecontent54_object id="object_static_etc_sysctld_SYSCTLID" version="1">
    <ind:path>/etc/sysctl.d</ind:path>
    <ind:filename operation="pattern match">^.*\.conf$</ind:filename>
    <ind:pattern operation="pattern match">^[\s]*SYSCTLVAR[\s]*=[\s]*SYSCTLVAL[\s]*$</ind:pattern>
    <ind:instance datatype="int">1</ind:instance>
  </ind:textfilecontent54_object>

  <ind:textfilecontent54_object id="object_static_run_sysctld_SYSCTLID" version="1">
    <ind:path>/run/sysctl.d</ind:path>
    <ind:filename operation="pattern match">^.*\.conf$</ind:filename>
    <ind:pattern operation="pattern match">^[\s]*SYSCTLVAR[\s]*=[\s]*SYSCTLVAL[\s]*$</ind:pattern>
    <ind:instance datatype="int">1</ind:instance>
  </ind:textfilecontent54_object>

  <ind:textfilecontent54_object id="object_static_usr_lib_sysctld_SYSCTLID" version="1">
    <ind:path>/usr/lib/sysctl.d</ind:path>
    <ind:filename operation="pattern match">^.*\.conf$</ind:filename>
    <ind:pattern operation="pattern match">^[\s]*SYSCTLVAR[\s]*=[\s]*SYSCTLVAL[\s]*$</ind:pattern>
    <ind:instance datatype="int">1</ind:instance>
  </ind:textfilecontent54_object>

  <unix:sysctl_object id="object_sysctl_SYSCTLID" version="1">
    <unix:name>SYSCTLVAR</unix:name>
  </unix:sysctl_object>

  <unix:sysctl_state id="state_sysctl_SYSCTLID" version="1">
    <unix:value datatype="int" operation="equals">SYSCTLVAL</unix:value>
  </unix:sysctl_state>
</def-group>
