Yes indeed -- thanks very much for fixing!
On 02/02/2013 12:31 AM, Shawn Wells wrote: > On 2/1/13 5:47 PM, Shawn Wells wrote: >> >> 0001-bugfix-Inconsistent-kernel-checking.patch >> From 40c0126d7298f6ddb5cf71956cd6b3a2b69b8f7c Mon Sep 17 00:00:00 2001 >> From: Shawn Wells <[email protected]> <mailto:[email protected]> >> Date: Fri, 1 Feb 2013 17:46:23 -0500 >> Subject: [PATCH] [bugfix] Inconsistent kernel checking >> As reported by Philip S., OVAL was checking for /bin/false whereas >> the XCCDF macro was still configured for /bin/true >> >> --- >> RHEL6/transforms/shorthand2xccdf.xslt | 4 ++-- >> 1 files changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/RHEL6/transforms/shorthand2xccdf.xslt >> b/RHEL6/transforms/shorthand2xccdf.xslt >> index 507238e..d82b5e5 100644 >> --- a/RHEL6/transforms/shorthand2xccdf.xslt >> +++ b/RHEL6/transforms/shorthand2xccdf.xslt >> @@ -379,7 +379,7 @@ exclude-result-prefixes="xccdf xhtml dc"> >> <xsl:template match="module-disable-macro"> >> To configure the system to prevent the <xhtml:code><xsl:value-of >> select="@module"/></xhtml:code> >> kernel module from being loaded, add the following line to a file in the >> directory <xhtml:code>/etc/modprobe.d</xhtml:code>: >> -<xhtml:pre xml:space="preserve">install <xsl:value-of select="@module"/> >> /bin/true</xhtml:pre> >> +<xhtml:pre xml:space="preserve">install <xsl:value-of select="@module"/> >> /bin/false</xhtml:pre> >> </xsl:template> >> >> <xsl:template match="module-disable-check-macro"> 
>> @@ -387,7 +387,7 @@ If the system is configured to prevent the loading of the >> <xhtml:code><xsl:value-of select="@module"/></xhtml:code> kernel module, >> it will contain lines inside any file in >> <xhtml:code>/etc/modprobe.d</xhtml:code> or the >> deprecated<xhtml:code>/etc/modprobe.conf</xhtml:code>. >> These lines instruct the module loading system to run another program (such >> as >> -<xhtml:code>/bin/true</xhtml:code>) upon a module >> <xhtml:code>install</xhtml:code> event. >> +<xhtml:code>/bin/false</xhtml:code>) upon a module >> <xhtml:code>install</xhtml:code> event. >> Run the following command to search for such lines in all files in >> <xhtml:code>/etc/modprobe.d</xhtml:code> >> and the deprecated <xhtml:code>/etc/modprobe.conf</xhtml:code>: >> <xhtml:pre xml:space="preserve">$ grep -r <xsl:value-of select="@module"/> >> /etc/modprobe.conf /etc/modprobe.d</xhtml:pre> >> -- 1.7.1 > > Pushed as a bugfix > > > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
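Review bot: In the first hunk (module-disable-macro), the xhtml:pre line still hard-codes the program path, and the same literal is repeated in module-disable-check-macro; the commit message describes exactly this kind of drift between the OVAL check and the XCCDF text. Consider defining the path once in the stylesheet (for example as an xsl:variable) and referencing it from both templates, so the remediation text and the check text cannot diverge again. The prose could also say why the line works: /bin/false exits non-zero, so the install command for the module fails instead of silently succeeding.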
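Review bot: In the second hunk (module-disable-check-macro), the text still reads "such as /bin/false" and the grep that follows matches any line that names the module, so an auditor following the manual procedure could accept an "install <module> /bin/true" line that, per the commit message, the OVAL check does not look for. Suggest presenting /bin/false as the expected program rather than as one example, and stating what a passing line looks like (install <module> /bin/false), so the manual check and the automated check agree on the result.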
