Jan, I may be missing something, then. The 'install_vsftpd' rule was flagged by 'make validate', and I was unable to locate the OVAL referenced in the XCCDF - in either the RHEL/6 or shared/oval directories. Here's my verification/sanity check of this from just a second ago:
*[root@localhost checks]# git pull* *Already up-to-date.* *[root@localhost checks]# ls | grep package_vsftpd ; file package_vsftpd_installed.xml * *package_vsftpd_installed.xml* *package_vsftpd_removed.xml* *package_vsftpd_installed.xml: ASCII HTML document text* *[root@localhost checks]# ls ../../../../shared/oval/package_* *package_aide_installed.xml package_ntp_installed.xml package_openssh-server_removed.xml * *[root@localhost checks]# ls ../../../../shared/oval/package_* Dave On Fri, Jun 27, 2014 at 1:06 PM, Jan Lieskovsky <[email protected]> wrote: > Hello David, > > ----- Original Message ----- > > From: "David Smith" <[email protected]> > > To: [email protected] > > Sent: Friday, June 27, 2014 6:37:14 PM > > Subject: [PATCH] Added vsftpd OVAL check and modified > packages_installed.csv file > > Just wondering, what's the motivation behind adding this check? If I am > not wrong, > the package_vsftpd_installed.xml in RHEL/6 is used from shared/oval > directory: > > scap-security-guide]$ file > RHEL/6/input/checks/package_vsftpd_installed.xml > RHEL/6/input/checks/package_vsftpd_installed.xml: symbolic link to > `../../../../shared/oval/package_vsftpd_installed.xml' > > So the corresponding XCCDF definition should work without issues. If not, > the problem > should be fixed (but the rules which can be shared we would like to keep > in the /shared > directory). > > Thank you && Regards, Jan. > -- > Jan iankko Lieskovsky / Red Hat Security Technologies Team > > > > > > > Signed-off-by: David Smith <[email protected]> > > --- > > RHEL/6/input/checks/package_vsftpd_installed.xml | 26 > > ++++++++++++++++++++ > > .../input/checks/templates/packages_installed.csv | 1 + > > 2 files changed, 27 insertions(+), 0 deletions(-) > > create mode 100644 RHEL/6/input/checks/package_vsftpd_installed.xml > > > > diff --git a/RHEL/6/input/checks/package_vsftpd_installed.xml > > b/RHEL/6/input/checks/package_vsftpd_installed.xml > > new file mode 100644 > > index 0000000..e4153a1 > > --- /dev/null > > +++ b/RHEL/6/input/checks/package_vsftpd_installed.xml > > @@ -0,0 +1,26 @@ > > +<def-group> > > + <!-- THIS FILE IS GENERATED by create_package_installed.py. DO NOT > EDIT. > > --> > > + <definition class="compliance" id="package_vsftpd_installed" > > + version="1"> > > + <metadata> > > + <title>Package vsftpd Installed</title> > > + <affected family="unix"> > > + <platform>Red Hat Enterprise Linux 6</platform> > > + </affected> > > + <description>The RPM package vsftpd should be > installed.</description> > > + <reference source="swells" ref_id="20130829" > > ref_url="test_attestation"/> > > + </metadata> > > + <criteria> > > + <criterion comment="package vsftpd is installed" > > + test_ref="test_package_vsftpd_installed" /> > > + </criteria> > > + </definition> > > + <linux:rpminfo_test check="all" check_existence="all_exist" > > + id="test_package_vsftpd_installed" version="1" > > + comment="package vsftpd is installed"> > > + <linux:object object_ref="obj_package_vsftpd_installed" /> > > + </linux:rpminfo_test> > > + <linux:rpminfo_object id="obj_package_vsftpd_installed" version="1"> > > + <linux:name>vsftpd</linux:name> > > + </linux:rpminfo_object> > > +</def-group> > > diff --git a/RHEL/6/input/checks/templates/packages_installed.csv > > b/RHEL/6/input/checks/templates/packages_installed.csv > > index ef6e737..dc0ae21 100644 > > --- a/RHEL/6/input/checks/templates/packages_installed.csv > > +++ b/RHEL/6/input/checks/templates/packages_installed.csv > > @@ -13,3 +13,4 @@ postfix > > psacct > > rsyslog > > screen > > +vsftpd > > -- > > 1.7.1 > > > > -- > > SCAP Security Guide mailing list > > [email protected] > > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > > https://github.com/OpenSCAP/scap-security-guide/ > -- > SCAP Security Guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > https://github.com/OpenSCAP/scap-security-guide/
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
