>From 92a887e552a75626f4aae2af41b3eb1a04a8ec7d Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Fri, 27 Dec 2013 00:48:54 -0500 Subject: [PATCH 14/31] Moved groupowner_shadow_file to shared/
- Tested on RHEL7, updated CPE, moved to shared/ --- RHEL/6/input/checks/groupowner_shadow_file.xml | 30 +------------------------- RHEL/7/input/checks/groupowner_shadow_file.xml | 1 + shared/oval/groupowner_shadow_file.xml | 30 ++++++++++++++++++++++++++ 3 files changed, 32 insertions(+), 29 deletions(-) mode change 100644 => 120000 RHEL/6/input/checks/groupowner_shadow_file.xml create mode 120000 RHEL/7/input/checks/groupowner_shadow_file.xml create mode 100644 shared/oval/groupowner_shadow_file.xml diff --git a/RHEL/6/input/checks/groupowner_shadow_file.xml b/RHEL/6/input/checks/groupowner_shadow_file.xml deleted file mode 100644 index d7423cc..0000000 --- a/RHEL/6/input/checks/groupowner_shadow_file.xml +++ /dev/null @@ -1,29 +0,0 @@ -<def-group> - <definition class="compliance" id="groupowner_shadow_file" version="1"> - <metadata> - <title>Verify group who owns 'shadow' file</title> - <affected family="unix"> - <platform>Red Hat Enterprise Linux 6</platform> - </affected> - <description>The /etc/shadow file should be owned by the appropriate - group.</description> - <reference source="swells" ref_id="20130918" ref_url="test_attestation" /> - </metadata> - <criteria> - <criterion test_ref="test_groupowner_etc_shadow" /> - </criteria> - </definition> - <unix:file_test check="all" check_existence="all_exist" - comment="Testing group ownership /etc/shadow" id="test_groupowner_etc_shadow" - version="1"> - <unix:object object_ref="object_groupowner_shadow_file" /> - <unix:state state_ref="state_groupowner_shadow_file" /> - </unix:file_test> - <unix:file_state id="state_groupowner_shadow_file" version="1"> - <unix:group_id datatype="int">0</unix:group_id> - </unix:file_state> - <unix:file_object comment="/etc/shadow" - id="object_groupowner_shadow_file" version="1"> - <unix:filepath>/etc/shadow</unix:filepath> - </unix:file_object> -</def-group> diff --git a/RHEL/6/input/checks/groupowner_shadow_file.xml b/RHEL/6/input/checks/groupowner_shadow_file.xml new file mode 120000 index 0000000..9f4fad8 --- /dev/null +++ b/RHEL/6/input/checks/groupowner_shadow_file.xml @@ -0,0 +1 @@ +../../../../shared/oval/groupowner_shadow_file.xml \ No newline at end of file diff --git a/RHEL/7/input/checks/groupowner_shadow_file.xml b/RHEL/7/input/checks/groupowner_shadow_file.xml new file mode 120000 index 0000000..9f4fad8 --- /dev/null +++ b/RHEL/7/input/checks/groupowner_shadow_file.xml @@ -0,0 +1 @@ +../../../../shared/oval/groupowner_shadow_file.xml \ No newline at end of file diff --git a/shared/oval/groupowner_shadow_file.xml b/shared/oval/groupowner_shadow_file.xml new file mode 100644 index 0000000..dd1226e --- /dev/null +++ b/shared/oval/groupowner_shadow_file.xml @@ -0,0 +1,30 @@ +<def-group> + <definition class="compliance" id="groupowner_shadow_file" version="1"> + <metadata> + <title>Verify group who owns 'shadow' file</title> + <affected family="unix"> + <platform>Red Hat Enterprise Linux 6</platform> + <platform>Red Hat Enterprise Linux 7</platform> + </affected> + <description>The /etc/shadow file should be owned by the appropriate + group.</description> + <reference source="swells" ref_id="20130918" ref_url="test_attestation" /> + </metadata> + <criteria> + <criterion test_ref="test_groupowner_etc_shadow" /> + </criteria> + </definition> + <unix:file_test check="all" check_existence="all_exist" + comment="Testing group ownership /etc/shadow" id="test_groupowner_etc_shadow" + version="1"> + <unix:object object_ref="object_groupowner_shadow_file" /> + <unix:state state_ref="state_groupowner_shadow_file" /> + </unix:file_test> + <unix:file_state id="state_groupowner_shadow_file" version="1"> + <unix:group_id datatype="int">0</unix:group_id> + </unix:file_state> + <unix:file_object comment="/etc/shadow" + id="object_groupowner_shadow_file" version="1"> + <unix:filepath>/etc/shadow</unix:filepath> + </unix:file_object> +</def-group> -- 1.8.3.1
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
