If this is accepted syntax for our checks, then so be it. Do you have a preference? If you are comfortable with your patch as submitted, then consider it ack'd.
On a separate note, I'm getting mail loop errors sending to the list, but then my emails seem to be getting through? This is the mail system at host lists.fedorahosted.org. > > I'm sorry to have to inform you that your message could not > be delivered to one or more recipients. It's attached below. > > For further assistance, please send mail to postmaster. > > If you do so, please include this problem report. You can > delete your own text from the attached returned message. > > The mail system > > <[email protected]>: mail forwarding loop for > [email protected] > > Final-Recipient: rfc822; [email protected] > Action: failed > Status: 5.4.6 > Diagnostic-Code: X-Postfix; mail forwarding loop for > [email protected] > On Mon, May 19, 2014 at 2:00 PM, Paul Tittle (Contractor) < [email protected]> wrote: > That's good to know. I just cribbed off of the way the pam matching > patterns did it. For example: > > <ind:pattern operation="pattern > match">^\s*auth\s+(?:(?:sufficient)|(?:\[default=die\]))\s+pam_faillock\.so.*deny=([0-9]*).*$</ind:pattern> > > > On 5/19/14 3:53 PM, Andrew Gilmore wrote: > > NACK on nit-picky RE issues... > > I believe it is sufficient to only make the surrounding subpattern > non-matchable... > (?:hard|-) > instead of > (?:(?:hard)|(?:-)) > > I actually had success with no subpattern at all: > hard|- > but I'm not clear why. > > Good catch though, I was about to put my patch for this one up. :) > > On Mon, May 19, 2014 at 1:44 PM, Paul Tittle <[email protected]> > <[email protected]>wrote: > > > --- > .../accounts_max_concurrent_login_sessions.xml | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git > a/RHEL/6/input/checks/accounts_max_concurrent_login_sessions.xml > b/RHEL/6/input/checks/accounts_max_concurrent_login_sessions.xml > index b08faa5..868c58e 100644 > --- a/RHEL/6/input/checks/accounts_max_concurrent_login_sessions.xml > +++ b/RHEL/6/input/checks/accounts_max_concurrent_login_sessions.xml > @@ -21,7 +21,7 @@ > > <ind:textfilecontent54_object > id="object_etc_security_limits_conf_maxlogins" version="1"> > <ind:filepath>/etc/security/limits.conf</ind:filepath> > - <ind:pattern operation="pattern > match">^[\s]*\*[\s]+[hard|-][\s]+maxlogins[\s]+(\d+)\s*$</ind:pattern> > + <ind:pattern operation="pattern > match">^[\s]*\*[\s]+(?:(?:hard)|(?:-))[\s]+maxlogins[\s]+(\d+)\s*$</ind:pattern> > <ind:instance datatype="int">1</ind:instance> > </ind:textfilecontent54_object> > > -- > 1.7.1 > > _______________________________________________ > scap-security-guide mailing > [email protected]https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > > > > _______________________________________________ > scap-security-guide mailing > [email protected]https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > > > > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > >
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
