[PATCH 1/2] Check was expecting pam_ldap.so to exist at least once with no options at the end of the line. It's better to see if it exists in the middle of a line. Also, fixed an unescaped period.

Wed, 20 Nov 2013 10:27:08 -0800 

Signed-off-by: Maura Dailey <[email protected]>
---
 .../input/checks/ldap_client_pam_ldap_present.xml  |   13 ++++++-------
 1 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/RHEL6/input/checks/ldap_client_pam_ldap_present.xml 
b/RHEL6/input/checks/ldap_client_pam_ldap_present.xml
index a89d5f2..64b62d7 100644
--- a/RHEL6/input/checks/ldap_client_pam_ldap_present.xml
+++ b/RHEL6/input/checks/ldap_client_pam_ldap_present.xml
@@ -1,22 +1,21 @@
 <def-group>
-  <definition class="compliance"
-  id="ldap_client_pam_ldap_present" version="1">
+  <definition class="compliance" id="ldap_client_pam_ldap_present" version="1">
     <metadata>
       <title>Test for use of pam_ldap</title>
       <affected family="unix">
         <platform>Red Hat Enterprise Linux 6</platform>
       </affected>
       <description>Check for pam_ldap.so presence.</description>
+      <reference source="MED" ref_id="20131120" ref_url="test_attestation" />
     </metadata>
     <criteria comment="package pam_ldap is present and used" operator="OR">
-      <extend_definition comment="pam_ldap rpm installed? (note negation)" 
-      definition_ref="package_pam_ldap_removed" negate="true"/>
+      <extend_definition comment="pam_ldap rpm installed? (note negation)"
+      definition_ref="package_pam_ldap_removed" negate="true" />
       <criterion comment="look for pam_ldap.so"
       test_ref="test_ldap_client_pam_ldap_present" />
     </criteria>
   </definition>
-  <ind:textfilecontent54_test check="all"
-  check_existence="at_least_one_exists"
+  <ind:textfilecontent54_test check="all" check_existence="at_least_one_exists"
   comment="Check if pam_ldap.so is uncommented in a file in pam.d"
   id="test_ldap_client_pam_ldap_present" version="1">
     <ind:object object_ref="obj_ldap_client_pam_ldap_present" />
@@ -25,7 +24,7 @@
   version="1">
     <ind:path>/etc/pam.d</ind:path>
     <ind:filename operation="pattern match">.*</ind:filename>
-    <ind:pattern operation="pattern 
match">^[^#].*pam_ldap.so[\s]*$</ind:pattern>
+    <ind:pattern operation="pattern 
match">^[^#].*pam_ldap.so[\s]*.*$</ind:pattern>
     <ind:instance datatype="int">1</ind:instance>
   </ind:textfilecontent54_object>
 </def-group>
-- 
1.7.1

_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide

Reply via email to