Hello David, ----- Original Message ----- > From: "David Smith" <[email protected]> > To: [email protected] > Sent: Friday, June 27, 2014 6:37:14 PM > Subject: [PATCH] Added vsftpd OVAL check and modified packages_installed.csv > file
Just wondering, what's the motivation behind adding this check? If I am not wrong, the package_vsftpd_installed.xml in RHEL/6 is used from shared/oval directory: scap-security-guide]$ file RHEL/6/input/checks/package_vsftpd_installed.xml RHEL/6/input/checks/package_vsftpd_installed.xml: symbolic link to `../../../../shared/oval/package_vsftpd_installed.xml' So the corresponding XCCDF definition should work without issues. If not, the problem should be fixed (but the rules which can be shared we would like to keep in the /shared directory). Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Technologies Team > > > Signed-off-by: David Smith <[email protected]> > --- > RHEL/6/input/checks/package_vsftpd_installed.xml | 26 > ++++++++++++++++++++ > .../input/checks/templates/packages_installed.csv | 1 + > 2 files changed, 27 insertions(+), 0 deletions(-) > create mode 100644 RHEL/6/input/checks/package_vsftpd_installed.xml > > diff --git a/RHEL/6/input/checks/package_vsftpd_installed.xml > b/RHEL/6/input/checks/package_vsftpd_installed.xml > new file mode 100644 > index 0000000..e4153a1 > --- /dev/null > +++ b/RHEL/6/input/checks/package_vsftpd_installed.xml > @@ -0,0 +1,26 @@ > +<def-group> > + <!-- THIS FILE IS GENERATED by create_package_installed.py. DO NOT EDIT. > --> > + <definition class="compliance" id="package_vsftpd_installed" > + version="1"> > + <metadata> > + <title>Package vsftpd Installed</title> > + <affected family="unix"> > + <platform>Red Hat Enterprise Linux 6</platform> > + </affected> > + <description>The RPM package vsftpd should be installed.</description> > + <reference source="swells" ref_id="20130829" > ref_url="test_attestation"/> > + </metadata> > + <criteria> > + <criterion comment="package vsftpd is installed" > + test_ref="test_package_vsftpd_installed" /> > + </criteria> > + </definition> > + <linux:rpminfo_test check="all" check_existence="all_exist" > + id="test_package_vsftpd_installed" version="1" > + comment="package vsftpd is installed"> > + <linux:object object_ref="obj_package_vsftpd_installed" /> > + </linux:rpminfo_test> > + <linux:rpminfo_object id="obj_package_vsftpd_installed" version="1"> > + <linux:name>vsftpd</linux:name> > + </linux:rpminfo_object> > +</def-group> > diff --git a/RHEL/6/input/checks/templates/packages_installed.csv > b/RHEL/6/input/checks/templates/packages_installed.csv > index ef6e737..dc0ae21 100644 > --- a/RHEL/6/input/checks/templates/packages_installed.csv > +++ b/RHEL/6/input/checks/templates/packages_installed.csv > @@ -13,3 +13,4 @@ postfix > psacct > rsyslog > screen > +vsftpd > -- > 1.7.1 > > -- > SCAP Security Guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > https://github.com/OpenSCAP/scap-security-guide/ -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
