Hello, please see downstream report: [1] https://bugzilla.redhat.com/show_bug.cgi?id=1357620
In short the reason for the failure here not being the system in question (target of evaluation) wouldn't meet the required setting, but the only difference is the form of banner text used (instead of 'dod_default' https://github.com/OpenSCAP/scap-security-guide/blob/master/RHEL/7/input/xccdf/system/accounts/banners.xml#L26 the customers are using custom text for the login banner). Can we modify the 'dconf_gnome_login_banner_text.xml' OVAL not to be that restrictive? In other words, allow also other custom banners to be set on the target of evaluation under assumption, other requirements were already satisfied? Basically the change would be instead of exact banner text string match against 'dod_default' selector value of 'login_banner_text' variable, the new version would check if desired login banner text isn't empty string. Thoughts? Thank you && Regards, Jan -- Jan iankko Lieskovsky / Red Hat Security Technologies Team -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected] https://github.com/OpenSCAP/scap-security-guide/
