[PATCH] [bugfix] Ticket 169 - False positive - postfix_logging

Fri, 19 Apr 2013 21:00:40 -0700 

>From a3d19e597ed36fa431fd383d05933662bfd461dc Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Fri, 19 Apr 2013 23:58:27 -0400
Subject: [PATCH] [bugfix] Ticket 169 - False positive - postfix_logging
 Test should first check if Postfix is installed and running

---
 RHEL6/input/checks/postfix_logging.xml |   18 +++++++++++-------
 1 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/RHEL6/input/checks/postfix_logging.xml 
b/RHEL6/input/checks/postfix_logging.xml
index 9ea2b3b..d0e498f 100644
--- a/RHEL6/input/checks/postfix_logging.xml
+++ b/RHEL6/input/checks/postfix_logging.xml
@@ -8,15 +8,19 @@
       </affected>
       <description>Postfix Should Log Relevant Events and Logs Shall Be 
Protected.</description>
     </metadata>
-    <criteria operator="AND">
-      <criterion comment="Test log file ownership"       
test_ref="test_postfix_logging_ownership" />
-      <criterion comment="Test log file group ownership" 
test_ref="test_postfix_logging_gownership" />
-      <criterion comment="Test log file permissions"     
test_ref="test_postfix_logging_permissions" />
-      <criterion comment="Test logs set for maillog"     
test_ref="test_postfix_logging_sent_to_maillog" />
-      <criterion comment="Test logs are set to rotate"   
test_ref="test_postfix_logging_maillog_rotates" />
+    <criteria comment="Postfix installed and service is configured to start" 
operator="AND">
+      <!-- NOTE: The package install check is inherited from 
service_postfix_enabled -->
+      <extend_definition comment="postfix configured to start" 
definition_ref="service_postfix_enabled" />
+      <criteria operator="AND">
+        <criterion comment="Test log file ownership"       
test_ref="test_postfix_logging_ownership" />
+        <criterion comment="Test log file group ownership" 
test_ref="test_postfix_logging_gownership" />
+        <criterion comment="Test log file permissions"     
test_ref="test_postfix_logging_permissions" />
+        <criterion comment="Test logs set for maillog"     
test_ref="test_postfix_logging_sent_to_maillog" />
+        <criterion comment="Test logs are set to rotate"   
test_ref="test_postfix_logging_maillog_rotates" />
+      </criteria>
     </criteria>
   </definition>
- 
+
   <unix:file_test check="all" check_existence="all_exist"
   comment="Testing ownership of maillog file"
   id="test_postfix_logging_ownership" version="1">
-- 
1.7.1


_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide






















					Reply via email to