HP has posted an updated version of the audit-test suite for the audit and MLS portions of CAPP/LSPP/RBACPP certification on RHEL5.1. http://sourceforge.net/projects/audit-test/
The suite is available as a tarball, a source rpm, and as a noarch rpm which will install files into /usr/local/eal4_testing/audit-test. There are 3 README files which describe how to run the tests, how to develop tests, and how to configure the test server for network tests. These tests are known to pass on RHEL5.1 plus the updated packages listed in our security target in both CAPP mode (optional targeted policy) and LSPP mode (mls policy) on x86_64 and ia64 architectures. Code exists for other architectures but no other architectures have been tested with this version of the test suite. The updated tests fix failures that were due to changes in some of the pam audit records. We would appreciate feedback as well as patches through the sourceforge project trackers if you use and update the suite. We are especially interested in hearing from people running the tests on other distros, with or without SELinux. Thanks, Jon -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
