enabled / disabled" OVAL checks in the case we are building RHEL/7
"make validate" target with openscap-1.0.x

In this case "service * enabled / disabled" OVAL checks won't be
included in final OVAL since they require OVAL-5.11 support

chronyd_specify_multiple_servers.xml rule with shared one from shared/oval/oval_5.11

Since these checks depend on 'service_chronyd_enabled' OVAL, which
is / will be included only in case oscap supports OVAL-5.11

"chronyd_specify_remote_server.xml" rule with one shared OVAL from shared/oval/oval_5.11 directory

Since in the case service chronyd isn't enabled it doesn't make sense
to check chronyd daemon settings (and service_chronyd_enabled OVAL
requires oscap to support OVAL-5.11)

…e_servers' rule

into two separate RHEL/6 and RHEL/7 OVALs

Since:
* in RHEL-6 case we are able to detect if 'service_ntpd_enabled' OVAL is
satisfied just by OVAL-5.10 means,
* but for RHEL-7 we need oscap to support OVAL-5.11. RHEL-7 version was placed
  into oval/oval_5.11 folder so it can be later re-used for Fedora too

…server'

into separate RHEL-6 and RHEL-7 version

Since:
* in RHEL-6 case we are able to use it solely using OVAL-5.10 constructs,
* but for RHEL-7 this is dependency on 'service_ntpd_enabled', which
  requires OVAL-5.11 constructs. Place it into shared/oval/oval_5.11
  folder for future enhancements wrt to Fedora OVAL check

…form_rhel'

OVAL checks for 'package_abrt_removed' in two different locations:

$ find . -name package_abrt_removed.xml
./shared/oval/package_abrt_removed.xml
./RHEL/7/input/oval/oval_5.11/package_abrt_removed.xml

Since this is bringing ambiguity to the build system wrt to this OVAL
check inclusion.

build system ambiguity

$ find . -name package_at_removed.xml
./shared/oval/package_at_removed.xml
./RHEL/7/input/oval/oval_5.11/package_at_removed.xml

There have been two OVAL checks having 'multi_platform_rhel' as platform
definition under different locations.

'package_audit_installed' OVAL check

Right now there are multiple definitions of 'package_audit_installed' OVALs:

$ find . -name package_audit_installed.xml
./shared/oval/package_audit_installed.xml
./RHEL/7/input/oval/package_audit_installed.xml
./RHEL/5/input/oval/package_audit_installed.xml
./Fedora/input/oval/oval_5.11/package_audit_installed.xml

and intersection of the '<platform>' element of these checks
isn't empty set.

Therefore:
* Merge CentOS {4,5}, Red Hat Enterprise Linux {4, 5, 6} definition
  under shared/oval/package_audit_installed.xml location,
* Merge Red Hat Enterprise Linux 7 and Fedora * definition under
  shared/oval/oval_5.11/package_audit_installed.xml location
  (since these required OVAL-5.11)

to get empty '<platform>' element intersection (remove the BS ambiguity).

'package_bluez_removed' OVAL check

Right now there are multiple definitions of this OVAL at various places:

$ find . -name package_bluez_removed.xml
./shared/oval/package_bluez_removed.xml
./RHEL/7/input/oval/oval_5.11/package_bluez_removed.xml

both having 'multi_platform_rhel' specified as '<platform>' element.

This is causing BS ambiguity (BS including OVAL into final OVAL
also in case is shouldn't be). Fix this ambiguity.

'package_chronyd_installed' OVAL check

Right now there are two locations:
$ find . -name package_chrony_installed.xml
./RHEL/7/input/oval/package_chrony_installed.xml
./Fedora/input/oval/oval_5.11/package_chrony_installed.xml

Therefore:
* Create one shared/oval/oval_5.11 one (since package_chronyd_installed
  is required only in case we check 'service_chronyd_enabled', which
  requires OVAL-5.11 constructs)

'package_cronie_installed' OVAL check

Current status:
$ find . -name package_cronie_installed.xml
./shared/oval/package_cronie_installed.xml
./RHEL/6/input/oval/package_cronie_installed.xml
./Fedora/input/oval/oval_5.11/package_cronie_installed.xml

'package_firewalld_installed' OVAL check

Current status:

$ find . -name package_firewalld_installed.xml
./shared/oval/package_firewalld_installed.xml
./RHEL/7/input/oval/package_firewalld_installed.xml
./Fedora/input/oval/oval_5.11/package_firewalld_installed.xml

=> create one shared/oval/oval_5.11 OVAL check and delete
those unnecessary ones

'package_iputils_removed' OVAL check

Current status:

$ find . -name package_iputils_removed.xml
./shared/oval/package_iputils_removed.xml
./RHEL/7/input/oval/oval_5.11/package_iputils_removed.xml

But for RHEL-7 'package_iputils_removed' is required only in case
OVAL-5.11 is supported (for service_rdisc_disabled check).

=> we can't use shared version.

'package_nfs-utils_removed' OVAL check

Current status:
$ find . -name package_nfs-utils_removed.xml
./shared/oval/package_nfs-utils_removed.xml
./RHEL/7/input/oval/oval_5.11/package_nfs-utils_removed.xml

There are two locations having '<platform>multi_platform_rhel</platform>'
platform tag set. But for RHEL-7 the OVAL is required only if we
are checking NFS service status (only if oscap supports OVAL-5.11) =>
we can't use shared/ version. Fix that.

'package_ntp_installed' OVAL check

Current status:

$ find . -name package_ntp_installed.xml
./shared/oval/package_ntp_installed.xml
./RHEL/7/input/oval/package_ntp_installed.xml
./RHEL/5/input/oval/package_ntp_installed.xml
./Debian/8/input/oval/package_ntp_installed.xml

=>
* Replace RHEL/5 version with enhancing shared/oval version,
* Remove 'multi_platform_rhel' from shared/oval version
  (since in RHEL-7 case we want the OVAL included only in
  case oscap supports OVAL-5.11)

'package_oddjob_removed' OVAL check

Current status:

$ find . -name package_oddjob_removed.xml
./shared/oval/package_oddjob_removed.xml
./RHEL/7/input/oval/oval_5.11/package_oddjob_removed.xml

Both having 'multi_platform_rhel' as <platform>. But we need:
* RHEL/6 version for both OVAL-5.10 and OVAL-5.11,
* But RHEL/7 version only for OVAL-5.11 version

=> can't use shared/ version

'package_qpid-cpp-server_removed' OVAL check

Current status:

$ find . -name package_qpid-cpp-server_removed.xml
./shared/oval/package_qpid-cpp-server_removed.xml
./RHEL/7/input/oval/oval_5.11/package_qpid-cpp-server_removed.xml

Both of the OVALs having '<platform>' tag set to 'multi_platform_rhel'.
But we need 'package_qpid-cpp-server_removed' OVAL for RHEL-7 only
in case oscap supports OVAL-5.11 version (as a prerequisite for
service * removed check) => it's not possible to use shared/
version of this OVAL. Fix that.