Hi,

It's a trivial thing to test if a specific rpm is installed: collect the
rpminfo_object and rpminfo_test with existence_check set to "all_exist"
or "at_least_one_exist".

However, I would like to iterate over an array of rpm names and test if
these are installed. First, I split the space-separated list into a
multival local_variable. Then, I would like to do the same rpminfo_test
as above with the rpminfo_objects being collected.

Here's a minimal example:

<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions
    xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
    xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
    xmlns:linux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"
    xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd
        http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd
        http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd">
  <generator>
    <oval:product_name>Enhanced SCAP Content Editor (eSCAPe)</oval:product_name>
    <oval:product_version>1.2.2</oval:product_version>
    <oval:schema_version>5.10</oval:schema_version>
    <oval:timestamp>2016-04-21T01:58:41</oval:timestamp>
  </generator>
  <!--generated.oval.base.identifier=com.example-->
  <definitions>
    <definition id="oval:com.example:def:1" version="1" class="compliance">
      <metadata>
        <title>Minimal example: all rpms in list must be installed</title>
        <affected family="unix">
          <platform>SUSE Linux Enterprise all versions</platform>
        </affected>
        <description>Minimal example: all rpms in list must be installed</description>
      </metadata>
      <criteria operator="AND" negate="false" comment="and">
        <criterion comment="all must-be-installed rpm are installed"
                   test_ref="oval:com.example:tst:1" negate="false" />
      </criteria>
    </definition>
  </definitions>
  <tests>
    <rpminfo_test
        xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"
        id="oval:com.example:tst:1" version="1" check="all"
        comment="all must-be-installed rpm are installed" check_existence="all_exist">
      <object object_ref="oval:com.example:obj:1" />
    </rpminfo_test>
  </tests>
  <objects>
    <rpminfo_object
        xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"
        id="oval:com.example:obj:1" version="1" comment="must-be-installed rpm">
      <name datatype="string" operation="equals"
            var_ref="oval:com.example:var:2" var_check="at least one" />
    </rpminfo_object>
  </objects>
  <variables>
    <constant_variable id="oval:com.example:var:1" version="1"
        comment="space-separated list of rpms which must be installed"
        datatype="string">
      <value>kernel-default kernel-default-base</value>
    </constant_variable>
    <local_variable id="oval:com.example:var:2" version="1"
        comment="rpms which must be installed" datatype="string">
      <split delimiter=" ">
        <variable_component var_ref="oval:com.example:var:1" />
      </split>
    </local_variable>
  </variables>
</oval_definitions>


However, the problem is, with var_check="all" any installed rpm is
checked against all multival values at the same time (which is
documented here
https://oval.mitre.org/language/version5.10/ovaldefinition/documentation/oval-definitions-schema.html#EntityAttributeGroup),
hence no rpminfo_object is collected at all. With var_check="at least
one" on the other hand, only those rpms are collected which actually are
installed, leaving the rpminfo_test unable to decide if _all_needed_
rpms are installed.

Is there any way to do this in OVAL? I've already read about
multival/multiset
(http://static.open-scap.org/openscap-1.0/oscap_user_manual.html#_notes_on_the_concept_of_multiple_oval_values)
and I know there's the possibility to pass distinct literal rpm names
to OVAL with multiset. In my use case, however, I have to stick with the
list-of-rpms-parametrization.

Thanks in advance!

Regards, Andreas
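
An added illustration, not part of the original post and not OpenSCAP code: a simplified Python model of the collection behaviour described above, showing why neither var_check setting lets the rpminfo_test detect a missing required rpm. The installed-package set and all function names are constructed assumptions; only the variable value comes from the post.

```python
# Simplified model of OVAL object collection with a multi-valued var_ref.
# Assumption: an object entity with operation="equals" collects an installed
# item only if its name satisfies var_check against the variable's values.

def split_variable(value, delimiter=" "):
    """Model of <split>: one string becomes a multi-valued variable."""
    return value.split(delimiter)

def collect(installed, var_values, var_check):
    """Names of installed rpms that the rpminfo_object would collect."""
    if var_check == "all":
        matches = lambda name: all(name == v for v in var_values)
    elif var_check == "at least one":
        matches = lambda name: any(name == v for v in var_values)
    else:
        raise ValueError("unsupported var_check: %r" % var_check)
    return sorted(name for name in installed if matches(name))

def all_exist(items):
    """check_existence="all_exist" without a state (simplified): true as
    soon as one item was collected, since every collected item exists."""
    return len(items) > 0

def missing(installed, var_values):
    """What the test cannot express: required names with no installed rpm."""
    return sorted(set(var_values) - set(installed))

def evaluate(installed, required, var_check):
    items = collect(installed, required, var_check)
    return {
        "collected": items,
        "test_result": all_exist(items),
        "missing": missing(installed, required),
    }

# Value of oval:com.example:var:1 from the post.
REQUIRED = split_variable("kernel-default kernel-default-base")
# Constructed sample system: one of the two required rpms is absent.
INSTALLED = {"kernel-default", "bash", "glibc"}

if __name__ == "__main__":
    for mode in ("all", "at least one"):
        print(mode, "->", evaluate(INSTALLED, REQUIRED, mode))
```

With "all" nothing is collected even on a fully compliant system, and with "at least one" the modelled test passes although kernel-default-base is missing.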
