diff options
| author |   Sven Vermeulen <sven.vermeulen@siphos.be> | 2014-02-01 15:22:43 +0100 |
|---|---|---|
| committer | Sven Vermeulen <sven.vermeulen@siphos.be> | 2014-02-01 15:22:43 +0100 |
| commit | 5537d423834693b5b9eb704f5ae6fba34b068e98 (patch) | |
| tree | 39906a3359cd727f452be7a599b7016a9755a1f9 | |
| parent | Add upload to Makefile (diff) | |
| download | hardened-docs-5537d423834693b5b9eb704f5ae6fba34b068e98.tar.gz hardened-docs-5537d423834693b5b9eb704f5ae6fba34b068e98.tar.bz2 hardened-docs-5537d423834693b5b9eb704f5ae6fba34b068e98.zip | |
Fix check values
| -rw-r--r-- | xml/SCAP/gentoo-oval.xml | 40 |
1 files changed, 38 insertions, 2 deletions
diff --git a/xml/SCAP/gentoo-oval.xml b/xml/SCAP/gentoo-oval.xml index e4d183c..a031348 100644 --- a/xml/SCAP/gentoo-oval.xml +++ b/xml/SCAP/gentoo-oval.xml @@ -532,6 +532,21 @@ </criteria> </definition> + <definition id="oval:org.gentoo.dev.swift:def:32" version="1" class="compliance"> + <metadata> + <title>In /etc/securetty only console and tty# exists</title> + <affected family="unix"> + <platform>Gentoo Linux</platform> + </affected> + <description> + The /etc/securetty file only contains console and tty# entries + </description> + </metadata> + <criteria> + <criterion test_ref="oval:org.gentoo.dev.swift:tst:33" comment="In /etc/securetty, only console and tty# are defined" /> + </criteria> + </definition> + </definitions> <tests> @@ -783,7 +798,7 @@ </ind-def:textfilecontent54_test> <ind-def:textfilecontent54_test id="oval:org.gentoo.dev.swift:tst:31" - version="1" check="at least one" check_existence="all_exist" + version="1" check="all" check_existence="all_exist" comment="Tests that webrsync-gpg is set in make.conf FEATURES"> <!-- FEATURES declaration in make.conf --> <ind-def:object object_ref="oval:org.gentoo.dev.swift:obj:18" /> @@ -792,7 +807,7 @@ </ind-def:textfilecontent54_test> <ind-def:textfilecontent54_test id="oval:org.gentoo.dev.swift:tst:32" - version="1" check="at least one" check_existence="all_exist" + version="1" check="all" check_existence="all_exist" comment="Tests that PORTAGE_GPG_DIR is non-empty"> <!-- PORTAGE_GPG_DIR declaration in make.conf --> <ind-def:object object_ref="oval:org.gentoo.dev.swift:obj:19" /> @@ -800,6 +815,15 @@ <ind-def:state state_ref="oval:org.gentoo.dev.swift:ste:12" /> </ind-def:textfilecontent54_test> + <ind-def:textfilecontent54_test id="oval:org.gentoo.dev.swift:tst:33" + version="1" check="all" check_existence="all_exist" + comment="Tests that securetty only contains console and tty#"> + <!-- /etc/securetty file --> + <ind-def:object object_ref="oval:org.gentoo.dev.swift:obj:20" /> + <!-- console or tty# --> + <ind-def:state state_ref="oval:org.gentoo.dev.swift:ste:13" /> + </ind-def:textfilecontent54_test> + </tests> <objects> @@ -913,6 +937,13 @@ <ind-def:instance operation="greater than or equal" datatype="int">1</ind-def:instance> </ind-def:textfilecontent54_object> + <ind-def:textfilecontent54_object id="oval:org.gentoo.dev.swift:obj:20" + version="1" comment="/etc/securetty contains only console and tty##"> + <ind-def:filepath>/etc/securetty</ind-def:filepath> + <ind-def:pattern operation="pattern match">^[^#]+</ind-def:pattern> + <ind-def:instance operation="greater than or equal" datatype="int">1</ind-def:instance> + </ind-def:textfilecontent54_object> + </objects> <states> @@ -977,6 +1008,11 @@ <ind-def:subexpression datatype="string" operation="pattern match" entity_check="all">[\S]+</ind-def:subexpression> </ind-def:textfilecontent54_state> + <ind-def:textfilecontent54_state id="oval:org.gentoo.dev.swift:ste:13" + version="1" comment="Matches console or tty[0-9]"> + <ind-def:text datatype="string" operation="pattern match" entity_check="all">(console|tty[[:digit:]]+)</ind-def:text> + </ind-def:textfilecontent54_state> + </states> <variables> |