>From dc130e8a58af62d698c8813f774a9d2b0cf7fec1 Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Fri, 25 Oct 2013 21:56:38 -0400
Subject: [PATCH 2/8] OVAL signoff - accounts_passwords_pam_faillock_deny
filename=>filepath + signoff
---
.../accounts_passwords_pam_faillock_deny.xml | 11 +++++------
1 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/RHEL6/input/checks/accounts_passwords_pam_faillock_deny.xml
b/RHEL6/input/checks/accounts_passwords_pam_faillock_deny.xml
index 78ea42e..c682c33 100644
--- a/RHEL6/input/checks/accounts_passwords_pam_faillock_deny.xml
+++ b/RHEL6/input/checks/accounts_passwords_pam_faillock_deny.xml
@@ -6,10 +6,11 @@
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The number of allowed failed logins should be set
correctly.</description>
+ <reference source="swells" ref_id="20131025" ref_url="test_attestation"
/>
</metadata>
<criteria>
- <criterion comment="default is set to 3"
test_ref="test_accounts_passwords_pam_faillock_deny_system-auth" />
- <criterion comment="default is set to 3"
test_ref="test_accounts_passwords_pam_faillock_deny_password-auth" />
+ <criterion comment="pam_faillock.so deny value set in system-auth"
test_ref="test_accounts_passwords_pam_faillock_deny_system-auth" />
+ <criterion comment="pam_faillock.so deny value set in password-auth"
test_ref="test_accounts_passwords_pam_faillock_deny_password-auth" />
</criteria>
</definition>
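Review bot: The new criterion comments say the deny value is "set" but no longer state which value is acceptable, and the `<criteria>` element carries no `operator`, so requiring both PAM files to pass depends on the OVAL default of AND. I would make that explicit with `<criteria operator="AND">` and, if the check enforces a limit, name it in the comments; the state that would enforce it is not visible in this hunk. The added `<reference>` uses `ref_url="test_attestation"`, which is not a URL, so a short XML comment saying that this element is a signoff marker would help anyone reading the generated content.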
@@ -24,15 +25,13 @@
</ind:textfilecontent54_test>
<ind:textfilecontent54_object
id="object_accounts_passwords_pam_faillock_deny_system-auth" version="1">
- <ind:path>/etc/pam.d</ind:path>
- <ind:filename>system-auth</ind:filename>
+ <ind:filepath>/etc/pam.d/system-auth</ind:filepath>
<ind:pattern operation="pattern
match">^\s*auth\s+(?:(?:required))\s+pam_faillock\.so.*deny=([0-9]*).*$</ind:pattern>
<ind:instance datatype="int" operation="greater than or
equal">1</ind:instance>
</ind:textfilecontent54_object>
<ind:textfilecontent54_object
id="object_accounts_passwords_pam_faillock_deny_password-auth" version="1">
- <ind:path>/etc/pam.d</ind:path>
- <ind:filename>password-auth</ind:filename>
+ <ind:filepath>/etc/pam.d/password-auth</ind:filepath>
<ind:pattern operation="pattern
match">^\s*auth\s+(?:(?:sufficient)|(?:\[default=die\]))\s+pam_faillock\.so.*deny=([0-9]*).*$</ind:pattern>
<ind:instance datatype="int" operation="greater than or
equal">1</ind:instance>
</ind:textfilecontent54_object>
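Review bot: The two object patterns accept different PAM control flags: the system-auth pattern matches only `required`, while the password-auth pattern matches only `sufficient` or `[default=die]`, so the same pam_faillock.so line would be found in one file and missed in the other. If both files are expected to carry the same faillock stanza, both patterns should share one alternation, for example `(?:required|sufficient|\[default=die\])`. Separately, `deny=([0-9]*)` also matches a bare `deny=` with no digits, whereas `deny=([0-9]+)` would require an actual number. The tests and any state that compares the captured value lie outside this hunk, so whether the lockout threshold itself is enforced cannot be confirmed from here.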
--
1.7.1