Skip to content

Commit

Permalink
Merge pull request #1048 from iankko/openscap_1.0.x_rhel7_make_validate
Browse files Browse the repository at this point in the history 
[BugFix] [Infrastructure] Fix failing RHEL/7's "make validate" target when built on openscap 1.0.x
  • Loading branch information
@jan-cerny
jan-cerny committed Feb 22, 2016
2 parents dbc0f5d + 87ca333 commit 5703131
Show file tree
Hide file tree
Showing 38 changed files with 124 additions and 276 deletions.
27 changes: 0 additions & 27 deletions Fedora/input/oval/chronyd_specify_multiple_servers.xml
View file

This file was deleted.

27 changes: 0 additions & 27 deletions Fedora/input/oval/chronyd_specify_remote_server.xml
View file

This file was deleted.

25 changes: 0 additions & 25 deletions Fedora/input/oval/oval_5.11/package_audit_installed.xml
View file

This file was deleted.

25 changes: 0 additions & 25 deletions Fedora/input/oval/oval_5.11/package_chrony_installed.xml
View file

This file was deleted.

26 changes: 0 additions & 26 deletions Fedora/input/oval/oval_5.11/package_firewalld_installed.xml
View file

This file was deleted.

28 changes: 0 additions & 28 deletions RHEL/5/input/oval/package_audit_installed.xml
View file

This file was deleted.

28 changes: 0 additions & 28 deletions RHEL/5/input/oval/package_ntp_installed.xml
View file

This file was deleted.

29 changes: 29 additions & 0 deletions RHEL/6/input/oval/ntpd_specify_multiple_servers.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
<def-group>
<definition class="compliance" id="ntpd_specify_multiple_servers" version="2">
<metadata>
<title>Specify Multiple Remote ntpd NTP Server for Time Data</title>
<affected family="unix">
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>Multiple ntpd NTP Servers for time synchronization should be specified.</description>
<reference source="galford" ref_id="RHEL6_20141107" ref_url="test_attestation" />
</metadata>
<criteria comment="ntp.conf conditions are met">
<criterion test_ref="test_ntpd_multiple_servers" />
</criteria>
</definition>

<ind:textfilecontent54_test check="all" check_existence="all_exist"
comment="Ensure more than one ntpd NTP server is set" id="test_ntpd_multiple_servers"
version="1">
<ind:object object_ref="obj_ntpd_multiple_servers" />
</ind:textfilecontent54_test>

<ind:textfilecontent54_object comment="Ensure more than one ntpd NTP server is set"
id="obj_ntpd_multiple_servers" version="1">
<ind:filepath>/etc/ntp.conf</ind:filepath>
<ind:pattern operation="pattern match">^([\s]*server[\s]+.+$){2,}$</ind:pattern>
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>

</def-group>
30 changes: 30 additions & 0 deletions RHEL/6/input/oval/ntpd_specify_remote_server.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
<def-group>
<definition class="compliance" id="ntpd_specify_remote_server" version="2">
<metadata>
<title>Specify a Remote ntpd NTP Server for Time Data</title>
<affected family="unix">
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>A remote ntpd NTP Server for time synchronization should be
specified (and dependencies are met)</description>
<reference source="galford" ref_id="RHEL6_20141111" ref_url="test_attestation" />
</metadata>
<criteria comment="ntp.conf conditions are met">
<criterion test_ref="test_ntp_remote_server" />
</criteria>
</definition>

<ind:textfilecontent54_test check="all" check_existence="at_least_one_exists"
comment="Ensure at least one ntpd NTP server is set" id="test_ntp_remote_server"
version="1">
<ind:object object_ref="obj_ntp_remote_server" />
</ind:textfilecontent54_test>

<ind:textfilecontent54_object comment="Ensure at least one ntpd NTP server is set"
id="obj_ntp_remote_server" version="1">
<ind:filepath>/etc/ntp.conf</ind:filepath>
<ind:pattern operation="pattern match">^[\s]*server[\s]+.+$</ind:pattern>
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>

</def-group>
4 changes: 2 additions & 2 deletions shared/oval/package_abrt_removed.xml → RHEL/6/input/oval/package_abrt_removed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
<metadata>
<title>Package abrt Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The RPM package abrt should be removed.</description>
<reference source="JL" ref_id="20140921" ref_url="test_attestation"/>
<reference source="JL" ref_id="RHEL6_20160221" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package abrt is removed"
Expand Down
3 changes: 1 addition & 2 deletions shared/oval/package_at_removed.xml → RHEL/6/input/oval/package_at_removed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,10 @@
<metadata>
<title>Package at Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The RPM package at should be removed.</description>
<reference source="swells" ref_id="RHEL6_20130829" ref_url="test_attestation"/>
<reference source="JL" ref_id="RHEL7_20150606" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package at is removed"
Expand Down
3 changes: 1 addition & 2 deletions shared/oval/package_bluez_removed.xml → RHEL/6/input/oval/package_bluez_removed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,10 @@
<metadata>
<title>Package bluez Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The RPM package bluez should be removed.</description>
<reference source="JL" ref_id="RHEL6_20141107" ref_url="test_attestation"/>
<reference source="JL" ref_id="RHEL7_20141107" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package bluez is removed"
Expand Down
2 changes: 1 addition & 1 deletion RHEL/6/input/oval/package_cronie_installed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The RPM package cronie should be installed.</description>
<reference source="swells" ref_id="20130829" ref_url="test_attestation"/>
<reference source="swells" ref_id="RHEL6_20130829" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package cronie is installed"
Expand Down
3 changes: 1 addition & 2 deletions shared/oval/package_iputils_removed.xml → .../6/input/oval/package_iputils_removed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,10 @@
<metadata>
<title>Package iputils Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The RPM package iputils should be removed.</description>
<reference source="swells" ref_id="RHEL6_20130829" ref_url="test_attestation"/>
<reference source="JL" ref_id="RHEL7_20150605" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package iputils is removed"
Expand Down
4 changes: 2 additions & 2 deletions shared/oval/package_nfs-utils_removed.xml → .../input/oval/package_nfs-utils_removed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
<metadata>
<title>Package nfs-utils Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The RPM package nfs-utils should be removed.</description>
<reference source="swells" ref_id="20130829" ref_url="test_attestation"/>
<reference source="swells" ref_id="RHEL6_20130829" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package nfs-utils is removed"
Expand Down
3 changes: 1 addition & 2 deletions shared/oval/package_oddjob_removed.xml → RHEL/6/input/oval/package_oddjob_removed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,10 @@
<metadata>
<title>Package oddjob Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The RPM package oddjob should be removed.</description>
<reference source="swells" ref_id="RHEL6_20130829" ref_url="test_attestation"/>
<reference source="JL" ref_id="RHEL7_20150606" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package oddjob is removed"
Expand Down
3 changes: 1 addition & 2 deletions .../oval/package_qpid-cpp-server_removed.xml → .../oval/package_qpid-cpp-server_removed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,10 @@
<metadata>
<title>Package qpid-cpp-server Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
<description>The RPM package qpid-cpp-server should be removed.</description>
<reference source="swells" ref_id="RHEL6_20130829" ref_url="test_attestation"/>
<reference source="JL" ref_id="RHEL7_20150606" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package qpid-cpp-server is removed"
Expand Down
14 changes: 13 additions & 1 deletion RHEL/7/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,19 @@ validate-xml:
oscap ds sds-validate $(OUT)/$(ID)-sl7-ds.xml

validate: validate-xml
cd $(OUT); ../$(SHARED)/$(UTILS)/verify-references.py --rules-with-invalid-checks --ovaldefs-unused ssg-$(PROD)-xccdf.xml
ifeq ($(OVAL_5_11), 0)
cd $(OUT); ../$(SHARED)/$(UTILS)/verify-references.py --rules-with-invalid-checks --ovaldefs-unused $(ID)-$(PROD)-xccdf.xml
else
# If we are building against oscap version not supporting OVAL-5.11 language version yet,
# don't call verify-references.py with "--rules-with-invalid-checks" argument, since the
# OVAL checks using the 5.11 OVAL version will not be included in that case
@echo -e "\nWarning:\n"
@echo -e "\tRHEL/7 content build using oscap not supporting OVAL-5.11 language version detected!"
@echo -e "\tSince the OVAL-5.11 RHEL/7 OVAL checks are missing, will skip test for referenced,"
@echo -e "\tbut undefined OVAL definitions during content validation. Consider building RHEL/7"
@echo -e "\tcontent with version OpenSCAP-1.2.2, or newer in order to perform full content validation!\n"
cd $(OUT); ../$(SHARED)/$(UTILS)/verify-references.py --ovaldefs-unused $(ID)-$(PROD)-xccdf.xml
endif

eval-test:
# Rebuild the content indicating the 'test' profile should be included
Expand Down
4 changes: 2 additions & 2 deletions RHEL/7/input/oval/oval_5.11/package_abrt_removed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
<metadata>
<title>Package abrt Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
<platform>Red Hat Enterprise Linux 7</platform>
</affected>
<description>The RPM package abrt should be removed.</description>
<reference source="swells" ref_id="20130829" ref_url="test_attestation"/>
<reference source="JL" ref_id="RHEL7_20160221" ref_url="test_attestation"/>
</metadata>
<criteria>
<criterion comment="package abrt is removed"
Expand Down
Loading

0 comments on commit 5703131

Please sign in to comment.