Hi All,
The missing '^' in the regexp makes oscap 0.8.0 (from the RHEL6 repo)
scan the whole filesystem. Credits to Gary Gapinsky for the quick fix.
Jeffrey suggested replacing the check by a version that would advice
disabling the driver in /etc/modules.conf (see the 'oscap hangs on
wireless_disable_drivers.xml' thread). I'm not familiar with a robust
way to determine the presence of such a NIC without using specialized
utilities that might not be installed on the system. I did a `grep
net/wireless /lib/modules/$(uname -r)/modules.dep` to see if all
wireless drivers maybe shared a common dependency but this is not the
case. Also, I queried the device using udevadm for attributes unique
to wireless cards but could not see anything obvious :
udevadm info --path=/sys/class/net/wlan0 --attribute-walk
looking at device
'/devices/pci0000:00/0000:00:1c.1/0000:02:00.0/bcma0:0/net/wlan0':
KERNEL=="wlan0"
SUBSYSTEM=="net"
DRIVER==""
ATTR{addr_assign_type}=="0"
ATTR{addr_len}=="6"
ATTR{dev_id}=="0x0"
ATTR{ifalias}==""
ATTR{iflink}=="2"
ATTR{ifindex}=="2"
ATTR{type}=="1"
ATTR{link_mode}=="1"
ATTR{address}=="b8:8d:12:08:14:ea"
ATTR{broadcast}=="ff:ff:ff:ff:ff:ff"
ATTR{carrier}=="1"
ATTR{dormant}=="0"
ATTR{operstate}=="up"
ATTR{mtu}=="1500"
ATTR{flags}=="0x1003"
ATTR{tx_queue_len}=="1000"
ATTR{netdev_group}=="0"
udevadm info --path=/sys/class/net/eth0 --attribute-walk
looking at device '/devices/pci0000:00/0000:00:15.0/0000:03:00.0/net/eth0':
KERNEL=="eth0"
SUBSYSTEM=="net"
DRIVER==""
ATTR{addr_assign_type}=="0"
ATTR{addr_len}=="6"
ATTR{dev_id}=="0x0"
ATTR{ifalias}==""
ATTR{iflink}=="2"
ATTR{ifindex}=="2"
ATTR{features}=="0x118ba9"
ATTR{type}=="1"
ATTR{link_mode}=="0"
ATTR{address}=="00:50:56:b5:00:12"
ATTR{broadcast}=="ff:ff:ff:ff:ff:ff"
ATTR{carrier}=="1"
ATTR{speed}=="10000"
ATTR{duplex}=="full"
ATTR{dormant}=="0"
ATTR{operstate}=="unknown"
ATTR{mtu}=="1500"
ATTR{flags}=="0x1003"
ATTR{tx_queue_len}=="1000"
If anyone can give me a suggestion I'd be happy to spend more time on it.
Regards,
Willem.
---
RHEL6/input/checks/wireless_disable_drivers.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/RHEL6/input/checks/wireless_disable_drivers.xml
b/RHEL6/input/checks/wireless_disable_drivers.xml
index 9760f7c..129b308 100644
--- a/RHEL6/input/checks/wireless_disable_drivers.xml
+++ b/RHEL6/input/checks/wireless_disable_drivers.xml
@@ -21,7 +21,7 @@
</unix:file_test>
<unix:file_object comment="all local files"
id="object_wireless_disable_drivers" version="1">
- <unix:path operation="pattern
match">/lib/modules/.*/kernel/drivers/net/wireless</unix:path>
+ <unix:path operation="pattern
match">^/lib/modules/.*/kernel/drivers/net/wireless</unix:path>
<unix:filename operation="pattern match">.*</unix:filename>
</unix:file_object>
</def-group>
--
1.7.1
_______________________________________________
scap-security-guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
