>From e74a20b785a3221b868d8d7d35e1e5c17b12c0b3 Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Fri, 27 Dec 2013 00:46:21 -0500 Subject: [PATCH 12/31] Moved require_singleuser_auth to shared/
- Tested on RHEL7, updated CPE, moved to shared/ --- RHEL/6/input/checks/require_singleuser_auth.xml | 28 +------------------------ RHEL/7/input/checks/require_singleuser_auth.xml | 1 + shared/oval/require_singleuser_auth.xml | 28 +++++++++++++++++++++++++ 3 files changed, 30 insertions(+), 27 deletions(-) mode change 100644 => 120000 RHEL/6/input/checks/require_singleuser_auth.xml create mode 120000 RHEL/7/input/checks/require_singleuser_auth.xml create mode 100644 shared/oval/require_singleuser_auth.xml diff --git a/RHEL/6/input/checks/require_singleuser_auth.xml b/RHEL/6/input/checks/require_singleuser_auth.xml deleted file mode 100644 index 6db03ef..0000000 --- a/RHEL/6/input/checks/require_singleuser_auth.xml +++ /dev/null @@ -1,27 +0,0 @@ -<def-group> - <definition class="compliance" id="require_singleuser_auth" version="1"> - <metadata> - <title>Require Authentication for Single-User Mode</title> - <affected family="unix"> - <platform>Red Hat Enterprise Linux 6</platform> - </affected> - <description>The requirement for a password to boot into single-user mode - should be configured correctly.</description> - <reference source="swells" ref_id="20131014" ref_url="test_attestation" /> - </metadata> - <criteria> - <criterion comment="Conditions are satisfied" - test_ref="test_require_singleuser_auth" /> - </criteria> - </definition> - <ind:textfilecontent54_test check="all" check_existence="all_exist" - comment="Tests that the SINGLE variable in the /etc/sysconfig/init file is set to /sbin/sulogin, to ensure that a password must be entered to access single user mode" - id="test_require_singleuser_auth" version="1"> - <ind:object object_ref="obj_require_singleuser_auth" /> - </ind:textfilecontent54_test> - <ind:textfilecontent54_object id="obj_require_singleuser_auth" version="1"> - <ind:filepath>/etc/sysconfig/init</ind:filepath> - <ind:pattern operation="pattern match">^SINGLE=/sbin/sulogin[\s]*</ind:pattern> - <ind:instance datatype="int">1</ind:instance> - </ind:textfilecontent54_object> -</def-group> diff --git a/RHEL/6/input/checks/require_singleuser_auth.xml b/RHEL/6/input/checks/require_singleuser_auth.xml new file mode 120000 index 0000000..afffc1c --- /dev/null +++ b/RHEL/6/input/checks/require_singleuser_auth.xml @@ -0,0 +1 @@ +../../../../shared/oval/require_singleuser_auth.xml \ No newline at end of file diff --git a/RHEL/7/input/checks/require_singleuser_auth.xml b/RHEL/7/input/checks/require_singleuser_auth.xml new file mode 120000 index 0000000..afffc1c --- /dev/null +++ b/RHEL/7/input/checks/require_singleuser_auth.xml @@ -0,0 +1 @@ +../../../../shared/oval/require_singleuser_auth.xml \ No newline at end of file diff --git a/shared/oval/require_singleuser_auth.xml b/shared/oval/require_singleuser_auth.xml new file mode 100644 index 0000000..e8d4c63 --- /dev/null +++ b/shared/oval/require_singleuser_auth.xml @@ -0,0 +1,28 @@ +<def-group> + <definition class="compliance" id="require_singleuser_auth" version="1"> + <metadata> + <title>Require Authentication for Single-User Mode</title> + <affected family="unix"> + <platform>Red Hat Enterprise Linux 6</platform> + <platform>Red Hat Enterprise Linux 7</platform> + </affected> + <description>The requirement for a password to boot into single-user mode + should be configured correctly.</description> + <reference source="swells" ref_id="20131014" ref_url="test_attestation" /> + </metadata> + <criteria> + <criterion comment="Conditions are satisfied" + test_ref="test_require_singleuser_auth" /> + </criteria> + </definition> + <ind:textfilecontent54_test check="all" check_existence="all_exist" + comment="Tests that the SINGLE variable in the /etc/sysconfig/init file is set to /sbin/sulogin, to ensure that a password must be entered to access single user mode" + id="test_require_singleuser_auth" version="1"> + <ind:object object_ref="obj_require_singleuser_auth" /> + </ind:textfilecontent54_test> + <ind:textfilecontent54_object id="obj_require_singleuser_auth" version="1"> + <ind:filepath>/etc/sysconfig/init</ind:filepath> + <ind:pattern operation="pattern match">^SINGLE=/sbin/sulogin[\s]*</ind:pattern> + <ind:instance datatype="int">1</ind:instance> + </ind:textfilecontent54_object> +</def-group> -- 1.8.3.1
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
