On 3/29/13 8:28 PM, Shawn Wells wrote:
0001-Updated-create_package_installed-template-process.patch
From 1868e163ba098b3bc1e33301bbe5208686439c56 Mon Sep 17 00:00:00 2001
From: Shawn Wells<[email protected]>
Date: Fri, 29 Mar 2013 15:27:56 -0400
Subject: [PATCH 01/21] Updated create_package_installed template process
- Updated create_package_installed.py to generate bash scripts,
using template_BASH_package_installed as template
- Fixes are put into output/ with .sh extensions
- `make copy` takes the .sh scripts and places them into ../../fixes/bash
- Renamed template_package_instaled --> template_OVAL_package_installed
---
RHEL6/input/checks/templates/Makefile | 1 +
.../checks/templates/create_package_installed.py | 16 ++++++++----
.../templates/template_BASH_package_installed | 1 +
.../templates/template_OVAL_package_installed | 25 ++++++++++++++++++++
.../checks/templates/template_package_installed | 25 --------------------
5 files changed, 38 insertions(+), 30 deletions(-)
create mode 100644
RHEL6/input/checks/templates/template_BASH_package_installed
create mode 100644
RHEL6/input/checks/templates/template_OVAL_package_installed
delete mode 100644 RHEL6/input/checks/templates/template_package_installed
diff --git a/RHEL6/input/checks/templates/Makefile
b/RHEL6/input/checks/templates/Makefile
index c17bfc2..da6568a 100644
--- a/RHEL6/input/checks/templates/Makefile
+++ b/RHEL6/input/checks/templates/Makefile
@@ -22,6 +22,7 @@ compare:
copy:
cp output/*.xml ../
+ cp output/*.sh ../../fixes/bash/
find-untemplated: templates
./find_untemplated.py
diff --git a/RHEL6/input/checks/templates/create_package_installed.py
b/RHEL6/input/checks/templates/create_package_installed.py
index e227567..b32e18c 100755
--- a/RHEL6/input/checks/templates/create_package_installed.py
+++ b/RHEL6/input/checks/templates/create_package_installed.py
@@ -15,12 +15,18 @@ import sys, csv, re
def output_check(package_info):
pkgname = package_info[0]
if pkgname:
- with open("./template_package_installed", 'r') as templatefile:
- filestring = templatefile.read()
+ with open("./template_OVAL_package_installed", 'r') as
OVALtemplatefile:
+ filestring = OVALtemplatefile.read()
filestring = filestring.replace("PKGNAME", pkgname)
- with open("./output/package_" + pkgname + "_installed.xml", 'wb+')
as outputfile:
- outputfile.write(filestring)
- outputfile.close()
+ with open("./output/package_" + pkgname + "_installed.xml", 'wb+')
as OVALoutputfile:
+ OVALoutputfile.write(filestring)
+ OVALoutputfile.close()
+ with open("./template_BASH_package_installed", 'r') as BASHtemplatefile:
+ filestring = BASHtemplatefile.read()
+ filestring = filestring.replace("PKGNAME", pkgname)
+ with open("./output/package_" + pkgname + "_installed.sh",
'wb+') as BASHoutputfile:
+ BASHoutputfile.write(filestring)
+ BASHoutputfile.close()
else:
print "ERROR: input violation: the package name must be defined"
diff --git a/RHEL6/input/checks/templates/template_BASH_package_installed b/RHEL6/input/checks/templates/template_BASH_package_installed
new file mode 100644
index 0000000..1ea466e
--- /dev/null
+++ b/RHEL6/input/checks/templates/template_BASH_package_installed
@@ -0,0 +1 @@
+yum -y install PKGNAME
diff --git a/RHEL6/input/checks/templates/template_OVAL_package_installed
b/RHEL6/input/checks/templates/template_OVAL_package_installed
new file mode 100644
index 0000000..d668705
--- /dev/null
+++ b/RHEL6/input/checks/templates/template_OVAL_package_installed
@@ -0,0 +1,25 @@
+<def-group>
+ <!-- THIS FILE IS GENERATED by create_package_installed.py. DO NOT EDIT. -->
+ <definition class="compliance" id="package_PKGNAME_installed"
+ version="1">
+ <metadata>
+ <title>Package PKGNAME Installed</title>
+ <affected family="unix">
+ <platform>Red Hat Enterprise Linux 6</platform>
+ </affected>
+ <description>The RPM package PKGNAME should be installed.</description>
+ </metadata>
+ <criteria>
+ <criterion comment="package PKGNAME is installed"
+ test_ref="test_package_PKGNAME_installed" />
+ </criteria>
+ </definition>
+ <linux:rpminfo_test check="all" check_existence="all_exist"
+ id="test_package_PKGNAME_installed" version="1"
+ comment="package PKGNAME is installed">
+ <linux:object object_ref="obj_package_PKGNAME" />
+ </linux:rpminfo_test>
+ <linux:rpminfo_object id="obj_package_PKGNAME" version="1">
+ <linux:name>PKGNAME</linux:name>
+ </linux:rpminfo_object>
+</def-group>
diff --git a/RHEL6/input/checks/templates/template_package_installed
b/RHEL6/input/checks/templates/template_package_installed
deleted file mode 100644
index d668705..0000000
--- a/RHEL6/input/checks/templates/template_package_installed
+++ /dev/null
@@ -1,25 +0,0 @@
-<def-group>
- <!-- THIS FILE IS GENERATED by create_package_installed.py. DO NOT EDIT. -->
- <definition class="compliance" id="package_PKGNAME_installed"
- version="1">
- <metadata>
- <title>Package PKGNAME Installed</title>
- <affected family="unix">
- <platform>Red Hat Enterprise Linux 6</platform>
- </affected>
- <description>The RPM package PKGNAME should be installed.</description>
- </metadata>
- <criteria>
- <criterion comment="package PKGNAME is installed"
- test_ref="test_package_PKGNAME_installed" />
- </criteria>
- </definition>
- <linux:rpminfo_test check="all" check_existence="all_exist"
- id="test_package_PKGNAME_installed" version="1"
- comment="package PKGNAME is installed">
- <linux:object object_ref="obj_package_PKGNAME" />
- </linux:rpminfo_test>
- <linux:rpminfo_object id="obj_package_PKGNAME" version="1">
- <linux:name>PKGNAME</linux:name>
- </linux:rpminfo_object>
-</def-group>
-- 1.7.1
Pushed per Jeff's ack
$ git push
Counting objects: 16, done.
Compressing objects: 100% (8/8), done.
Writing objects: 100% (9/9), 1.06 KiB, done.
Total 9 (delta 7), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/scap-security-guide.git
bec63d7..06766fe master -> master
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
