Broke apart the ldap checkpeer tests into individual checks. It now checks for pam_ldap first rather than failing you for not having pointless config files. Removed checkpeer test as it's looking for the default setting.
Signed-off-by: Kevin Spargur <[email protected]> Kevin Spargur (1): Broke apart ldap checkpeer, added dependency tests .../input/checks/ldap_client_pam_ldap_present.xml | 32 +++++++++++++ rhel6/src/input/checks/ldap_client_start_tls.xml | 32 +++++++++++++ .../input/checks/ldap_client_tls_cacertpath.xml | 48 ++++++++++++++++++++ .../src/input/checks/ldap_client_tls_checkpeer.xml | 31 ------------- .../src/input/checks/package_pam_ldap_removed.xml | 26 +++++++++++ rhel6/src/input/profiles/common.xml | 3 +- rhel6/src/input/services/ldap.xml | 48 +++++++++++++------- 7 files changed, 171 insertions(+), 49 deletions(-) create mode 100644 rhel6/src/input/checks/ldap_client_pam_ldap_present.xml create mode 100644 rhel6/src/input/checks/ldap_client_start_tls.xml create mode 100644 rhel6/src/input/checks/ldap_client_tls_cacertpath.xml delete mode 100644 rhel6/src/input/checks/ldap_client_tls_checkpeer.xml create mode 100644 rhel6/src/input/checks/package_pam_ldap_removed.xml -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
