Signed-off-by: Jeffrey Blank <[email protected]> --- RHEL6/transforms/xccdf-apply-overlay-stig.xslt | 46 ++++++++++++++++++++++++ 1 files changed, 46 insertions(+), 0 deletions(-) create mode 100644 RHEL6/transforms/xccdf-apply-overlay-stig.xslt
diff --git a/RHEL6/transforms/xccdf-apply-overlay-stig.xslt b/RHEL6/transforms/xccdf-apply-overlay-stig.xslt new file mode 100644 index 0000000..32bc0ae --- /dev/null +++ b/RHEL6/transforms/xccdf-apply-overlay-stig.xslt @@ -0,0 +1,46 @@ +<?xml version="1.0"?> +<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"; xmlns="http://checklists.nist.gov/xccdf/1.1"; xmlns:xccdf="http://checklists.nist.gov/xccdf/1.1"; xmlns:xhtml="http://www.w3.org/1999/xhtml"; exclude-result-prefixes="xccdf"> + +<xsl:output method="xml" indent="yes"/> + +<!-- This transform expects a stringparam "overlay" which specifies a filename + containing a list of "overlays" onto which the project's + content will be projected. New Rules can thus be created based on external + parties' identifiers or titles. --> + +<xsl:variable name="overlays" select="document($overlay)/xccdf:overlays" /> + + <xsl:template match="xccdf:Benchmark"> + <xsl:copy> + <xsl:variable name="rules" select="//xccdf:Rule"/> + + <xsl:for-each select="$overlays/xccdf:overlay"> <!-- make sure overlays file namespace is XCCDF (hack) --> + <xsl:variable name="overlay_id" select="@ownerid"/> + <xsl:variable name="overlay_rule" select="@ruleid"/> + <xsl:variable name="overlay_severity" select="@severity"/> + <xsl:variable name="overlay_ref" select="@disa"/> + <xsl:variable name="overlay_title" select="xccdf:title/text()"/> + + <xsl:for-each select="$rules"> + <xsl:if test="@id=$overlay_rule"> + <Group id="{$overlay_id}"> + <title>SRG-OS-ID</title> + <description></description> + <Rule id="{$overlay_id}_rule" severity="{$overlay_severity}" > + <version><value-of select="$overlay_id"/></version> + <title><xsl:value-of select="$overlay_title"/></title> + <description><xsl:copy-of select="xccdf:rationale/node()" /></description> + <xsl:copy-of select="xccdf:check[@system='ocil-transitional']" /> + <!-- still need to handle "finding" clause --> + <ident system="http://iase.disa.mil/cci";><xsl:value-of select="concat('CCI-', format-number($overlay_ref,'000000'))" /></ident> + <fixtext><xsl:copy-of select="xccdf:description/node()" /></fixtext> + </Rule> + </Group> + </xsl:if> + </xsl:for-each> + + </xsl:for-each> + </xsl:copy> + </xsl:template> + +</xsl:stylesheet> -- 1.7.1 _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
