ack x9 -- please push On 09/18/2013 04:38 PM, [email protected] wrote:
From: Shawn Wells <[email protected]>TESTING: [user@redhat-thing-1 checks]$ grep ftp /etc/passwd ftp:x:14:50:FTP User:/var/ftp:/bin/bash [user@redhat-thing-1 checks]$ ./testcheck.py accounts_no_shelllogin_for_systemaccounts.xml Evaluating with OVAL tempfile : /tmp/accounts_no_shelllogin_for_systemaccountszRaZw9.xml Writing results to : /tmp/accounts_no_shelllogin_for_systemaccountszRaZw9.xml-results Definition oval:scap-security-guide.testing:def:104: false Evaluation done. [user@redhat-thing-1 checks]$ grep ftp /etc/passwd ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin [user@redhat-thing-1 checks]$ ./testcheck.py accounts_no_shelllogin_for_systemaccounts.xml Evaluating with OVAL tempfile : /tmp/accounts_no_shelllogin_for_systemaccountsn0AVoG.xml Writing results to : /tmp/accounts_no_shelllogin_for_systemaccountsn0AVoG.xml-results Definition oval:scap-security-guide.testing:def:104: true Evaluation done. [user@redhat-thing-1 checks]$ vim accounts_no_shelllogin_for_systemaccounts.xml [user@redhat-thing-1 checks]$ ./testcheck.py accounts_no_shelllogin_for_systemaccounts.xml Evaluating with OVAL tempfile : /tmp/accounts_no_shelllogin_for_systemaccountsiUXzmf.xml Writing results to : /tmp/accounts_no_shelllogin_for_systemaccountsiUXzmf.xml-results Definition oval:scap-security-guide.testing:def:104: true Evaluation done. --- .../accounts_no_shelllogin_for_systemaccounts.xml | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/RHEL6/input/checks/accounts_no_shelllogin_for_systemaccounts.xml b/RHEL6/input/checks/accounts_no_shelllogin_for_systemaccounts.xml index 966f75b..ff17b6e 100644 --- a/RHEL6/input/checks/accounts_no_shelllogin_for_systemaccounts.xml +++ b/RHEL6/input/checks/accounts_no_shelllogin_for_systemaccounts.xml @@ -6,6 +6,7 @@ <platform>Red Hat Enterprise Linux 6</platform> </affected> <description>The root account is the only system account that should have a login shell.</description> + <reference source="swells" ref_id="20130918" ref_url="test_attestation" /> </metadata> <criteria> <criterion comment="tests for the presence of login shells (not /sbin/nologin) for system accounts in /etc/passwd file" test_ref="test_accounts_no_shelllogin_for_systemaccounts" /> @@ -15,8 +16,7 @@ <ind:object object_ref="object_accounts_no_shelllogin_for_systemaccounts" /> </ind:textfilecontent54_test> <ind:textfilecontent54_object id="object_accounts_no_shelllogin_for_systemaccounts" version="1"> - <ind:path>/etc</ind:path> - <ind:filename>passwd</ind:filename> + <ind:filepath>/etc/passwd</ind:filepath> <ind:pattern operation="pattern match">^(?!root).*:x:[\d]*:0*([0-9]{1,2}|[1-4][0-9]{2}):[^:]*:[^:]*:(?!\/sbin\/nologin|\/bin\/sync|\/sbin\/shutdown|\/sbin\/halt).*$</ind:pattern> <ind:instance datatype="int">1</ind:instance> </ind:textfilecontent54_object>
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
