Hi Dragos, Thank you very much for reporting this and sorry for the delay.
I had a look into your issue. Let me explain my findings. According to OVAL 5.11.1 specification and XML schema, recurse="none" is deprecated value and it was deprecated in OVAL 5.5. In XML schema schemas/oval/5.11.1/unix-definitions-schema.xsd I found this: The values 'files', 'files and directories',and 'none' are being removed because it is not possible to recurse files and the value 'none' was intended to mean no recursion, however, this is already covered by the recurse_direction attribute. I think that you should not use that value. Which version of OVAL is your content? Do you think that we should support this deprecated value? Thank you. Best regards Jan Černý Security Technologies | Red Hat, Inc. ----- Original Message ----- > From: "Dragos Prisaca" <[email protected]> > To: [email protected] > Sent: Thursday, March 2, 2017 8:04:56 PM > Subject: [Open-scap] Possible OpenSCAP bug > > Hello, > > It looks like OpenSCAP 1.2.10 does not process correctly the following > object which uses @recurse="none": > <unix:file_object id="oval:nist.validation.macosFileTest:obj:177" > xmlns:unix="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"; > comment="@recurse='none'" version="1"> > <unix:behaviors max_depth="-1" recurse_file_system="local" > recurse="none" recurse_direction="down"/> > <unix:path operation="equals" > datatype="string">/scapVal/File-Test-Level2/Level3-Folder010</unix:path> > <unix:filename operation="pattern match">.+</unix:filename> > </unix:file_object> > > Since there is a file > (/scapVal/File-Test-Level2/Level3-Folder010/Level3-File010.txt), the > expectation is to collect the following item: > <unix-sys:file_item id="12884417" status="exists"> > > <unix-sys:filepath>/scapVal/File-Test-Level2/Level3-Folder010/Level3-File010.txt</unix-sys:filepath> > <unix-sys:path>/scapVal/File-Test-Level2/Level3-Folder010</unix-sys:path> > <unix-sys:filename>Level3-File010.txt</unix-sys:filename> > <unix-sys:type>regular</unix-sys:type> > ... > </unix-sys:file_item> > > Please let me know if you have any questions. > > Respectfully, > _Dragos. > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list > _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
