On 6/30/14, 4:53 AM, Jan Lieskovsky wrote:
Hello David,
----- Original Message -----
>From: "David Smith"<[email protected]>
>To: "SCAP Security Guide"<[email protected]>
>Sent: Friday, June 27, 2014 8:21:20 PM
>Subject: Re: [PATCH] Added vsftpd OVAL check and modified
packages_installed.csv file
>
>Jan,
>
>I may be missing something, then. The 'install_vsftpd' rule was flagged by
>'make validate', and I was unable to locate the OVAL referenced in the XCCDF
>- in either the RHEL/6 or shared/oval directories. Here's my
>verification/sanity check of this from just a second ago:
>
>[root@localhost checks]# git pull
>Already up-to-date.
>[root@localhost checks]# ls | grep package_vsftpd ; file
>package_vsftpd_installed.xml
>package_vsftpd_installed.xml
>package_vsftpd_removed.xml
>package_vsftpd_installed.xml: ASCII HTML document text
>[root@localhost checks]# ls ../../../../shared/oval/package_
>package_aide_installed.xml package_ntp_installed.xml
>package_openssh-server_removed.xml
>[root@localhost checks]# ls ../../../../shared/oval/package_
There needs to be something rusty with that repository then. 'install_vsftpd'
rule has been updated more than a month ago:
https://git.fedorahosted.org/cgit/scap-security-guide.git/log/RHEL/6/input/checks/package_vsftpd_installed.xml
https://git.fedorahosted.org/cgit/scap-security-guide.git/commit/?id=d08eb51149b0330b66582c3ec57d9ac05373283d
What has 'git log' on that repository to say wrt to when the most recent change
happened?
Either issuing just plain 'git pull' (due to custom local config) isn't
automatically pulling
content of master branch (is there any difference when issuing: 'git pull
origin master' on that repo?),
or the remote end is wrong (git remote -v), or git pull failed to merge changes
& returned without
error message (but I consider this scenario very unlikely / almost impossible).
You can ensure to start up each time with the fresh / most recent copy of the
repo via:
$ rm -rf scap_security_guide_folder
$ git clonessh://git.fedorahosted.org/git/scap-security-guide.git
IOW completely erasing the content & cloning the latest one each time (might be
more aggressive wrt
to network traffic vs git pull case, but should ensure this won't happen in the
future again) at least
till the issue with the configuration is fixed (based on the provided
information hard to say why
git pull claimed the repository being 'up2date' even when it obviously wasn't
the case).
Something seems up with Dave's repo.
On my box:
## check to see if templates for vsftp installed && removed exist:
$ cd /var/www/html/scap-security-guide/RHEL/6/input/
$ grep vsftp checks/templates/packages_*
checks/templates/packages_installed.csv:vsftpd
checks/templates/packages_removed.csv:vsftpd
## double check existence in RHEL6/input/checks:
$ ll checks/package_vsftpd_*
lrwxrwxrwx. 1 shawnw shawnw 52 May 24 10:08
checks/package_vsftpd_installed.xml ->
../../../../shared/oval/package_vsftpd_installed.xml
-rw-rw-r--. 1 shawnw shawnw 1027 May 24 10:08
checks/package_vsftpd_removed.xml
--
SCAP Security Guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
