From b4887bddd651e814c217173c7e8e7fc45422f5aa Mon Sep 17 00:00:00 2001
From: root <[email protected]>
Date: Wed, 2 Oct 2013 22:55:46 -0400
Subject: [PATCH] additional OVAL testing
---
.../input/checks/accounts_password_reuse_limit.xml | 1 +
RHEL6/input/checks/bootloader_password.xml | 1 +
RHEL6/input/checks/rsyslog_files_ownership.xml | 1 +
RHEL6/input/checks/service_abrtd_disabled.xml | 1 +
RHEL6/input/checks/service_iptables_enabled.xml | 1 +
5 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/RHEL6/input/checks/accounts_password_reuse_limit.xml
b/RHEL6/input/checks/accounts_password_reuse_limit.xml
index 755391c..b9e5b68 100644
--- a/RHEL6/input/checks/accounts_password_reuse_limit.xml
+++ b/RHEL6/input/checks/accounts_password_reuse_limit.xml
@@ -6,6 +6,7 @@
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The passwords to remember should be set
correctly.</description>
+ <reference source="DS" ref_id="20131002"
ref_url="test_attestation" />
</metadata>
<criteria>
<criterion comment="remember parameter is set to 0"
test_ref="test_accounts_password_reuse_limit" />
diff --git a/RHEL6/input/checks/bootloader_password.xml
b/RHEL6/input/checks/bootloader_password.xml
index bd31307..6545c4d 100644
--- a/RHEL6/input/checks/bootloader_password.xml
+++ b/RHEL6/input/checks/bootloader_password.xml
@@ -6,6 +6,7 @@
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The grub boot loader should have password
protection enabled.</description>
+ <reference source="DS" ref_id="20131002"
ref_url="test_attestation" />
</metadata>
<criteria>
<criterion comment="make sure a password is defined in
/etc/grub.conf" test_ref="test_bootloader_password" />
diff --git a/RHEL6/input/checks/rsyslog_files_ownership.xml
b/RHEL6/input/checks/rsyslog_files_ownership.xml
index 05bc20e..32a2533 100644
--- a/RHEL6/input/checks/rsyslog_files_ownership.xml
+++ b/RHEL6/input/checks/rsyslog_files_ownership.xml
@@ -8,6 +8,7 @@
</affected>
<description>All syslog log files should be owned by the
appropriate user.</description>
+ <reference source="DS" ref_id="20131002"
ref_url="test_attestation" />
</metadata>
<criteria>
<criterion comment="check if group root owns all syslog log
files" test_ref="test_rsyslog_files_ownership" />
diff --git a/RHEL6/input/checks/service_abrtd_disabled.xml
b/RHEL6/input/checks/service_abrtd_disabled.xml
index 71c8985..f195456 100644
--- a/RHEL6/input/checks/service_abrtd_disabled.xml
+++ b/RHEL6/input/checks/service_abrtd_disabled.xml
@@ -8,6 +8,7 @@
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The abrtd service should be disabled if
possible.</description>
+ <reference source="DS" ref_id="20131002"
ref_url="test_attestation" />
</metadata>
<criteria comment="package abrt removed or service abrtd is not
configured to start" operator="OR">
<extend_definition comment="abrt removed"
definition_ref="package_abrt_removed" />
diff --git a/RHEL6/input/checks/service_iptables_enabled.xml
b/RHEL6/input/checks/service_iptables_enabled.xml
index 2360686..a8c7f7d 100644
--- a/RHEL6/input/checks/service_iptables_enabled.xml
+++ b/RHEL6/input/checks/service_iptables_enabled.xml
@@ -8,6 +8,7 @@
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The iptables service should be enabled if
possible.</description>
+ <reference source="DS" ref_id="20131002"
ref_url="test_attestation" />
</metadata>
<criteria comment="package iptables installed and service
iptables is configured to start" operator="AND">
<extend_definition comment="iptables installed"
definition_ref="package_iptables_installed" />
--
1.7.1
