I've been going through the OVAL code and have stumped myself. The
partition_for_* rules are enabled in the XCCDF profiles, yet somehow are
marked as selected=false in the final output:
$ grep -rin partition_for_tmp input/profiles/
input/profiles/usgcb-rhel6-server.xml:5:<select idref="partition_for_tmp" selected="true" />
input/profiles/common.xml:4:<select idref="partition_for_tmp" selected="true"/>
$ grep -rin partition_for_tmp output/ssg-rhel6-xccdf.xml
43: <select idref="partition_for_tmp" selected="true"/>
259: <select idref="partition_for_tmp" selected="true"/>
500: <select idref="partition_for_tmp" selected="true"/>
720: <select idref="partition_for_tmp" selected="true"/>
946: <select idref="partition_for_tmp" selected="true"/>
1400: <Rule id="partition_for_tmp" selected="false" severity="low">
In the ssg-rhel6-xccdf.xml file, the OVAL points to oval:ssg:2741:
<check-content-ref name="oval:ssg:def:2741" href="ssg-rhel6-oval.xml"/>
And when I check for that in ssg-rhel6-oval.xml, it doesn't exist:
$ grep -in oval:ssg:2741 output/ssg-rhel6-oval.xml
(no return)
When I load up ssg-rhel6-oval.xml and look for the rule, it's actually
oval:ssg:def:841:
<definition class="compliance" id="oval:ssg:def:841" version="1">
<metadata>
<title>Ensure /tmp Located On Separate Partition</title>
I started to play with relabelids.py and only made things worse.
Jeff/Dave, any chance you could take a look at this?
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
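
A cross-check for the mismatch described in this message, added here as an example and not part of the original post or of the scap-security-guide code: it lists XCCDF rules whose check-content-ref names no definition in the OVAL file, and resolves a rule's selection per profile (a Profile's select overrides the Rule's own selected default). The two XML documents are constructed samples modelled on the snippets above, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed samples modelled on the post's snippets (namespaces omitted).
XCCDF = """<Benchmark>
  <Profile id="common">
    <select idref="partition_for_tmp" selected="true"/>
  </Profile>
  <Rule id="partition_for_tmp" selected="false" severity="low">
    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
      <check-content-ref name="oval:ssg:def:2741" href="ssg-rhel6-oval.xml"/>
    </check>
  </Rule>
</Benchmark>"""
OVAL = """<oval_definitions><definitions>
  <definition class="compliance" id="oval:ssg:def:841" version="1">
    <metadata><title>Ensure /tmp Located On Separate Partition</title></metadata>
  </definition>
</definitions></oval_definitions>"""

def by_name(root, name):
    # Match on the tag with any {namespace} prefix stripped.
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]

def dangling_refs(xccdf_root, oval_root):
    # (rule id, OVAL id) pairs whose OVAL id has no <definition> in the OVAL file.
    defined = {d.get("id") for d in by_name(oval_root, "definition")}
    return [(rule.get("id"), ref.get("name"))
            for rule in by_name(xccdf_root, "Rule")
            for ref in by_name(rule, "check-content-ref")
            if ref.get("name") not in defined]

def effective_selection(xccdf_root, rule_id):
    # Per profile: a <select> in the Profile overrides the Rule's own default.
    rule = next(r for r in by_name(xccdf_root, "Rule") if r.get("id") == rule_id)
    result = {}
    for prof in by_name(xccdf_root, "Profile"):
        chosen = rule.get("selected", "true")
        for sel in by_name(prof, "select"):
            if sel.get("idref") == rule_id:
                chosen = sel.get("selected")
        result[prof.get("id")] = chosen == "true"
    return result

if __name__ == "__main__":
    x, o = ET.fromstring(XCCDF), ET.fromstring(OVAL)
    print(dangling_refs(x, o), effective_selection(x, "partition_for_tmp"))
```

To run it against real build output, parse the generated files with `ET.parse(path).getroot()` in place of the embedded strings.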