-
Notifications
You must be signed in to change notification settings - Fork 680
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BugFix] [Infrastructure] Fix failing RHEL/7's "make validate" target when built on openscap 1.0.x #1048
[BugFix] [Infrastructure] Fix failing RHEL/7's "make validate" target when built on openscap 1.0.x #1048
Commits on Feb 20, 2016
-
[BugFix] [RHEL/7] Don't verify OVAL checks references for "service *
enabled / disabled" OVAL checks in the case we are building RHEL/7 "make validate" target with openscap-1.0.x In this case "service * enabled / disabled" OVAL checks won't be included in final OVAL since they require OVAL-5.11 support
Jan Lieskovsky committedFeb 20, 2016 Configuration menu - View commit details
-
Copy full SHA for 6569305 - Browse repository at this point
Copy the full SHA 6569305View commit details
Commits on Feb 21, 2016
-
[BugFix] [Infrastructure] Replace separate Fedora and RHEL-7 OVALs for
chronyd_specify_multiple_servers.xml rule with shared one from shared/oval/oval_5.11 Since these checks depend on 'service_chronyd_enabled' OVAL, which is / will be included only in case oscap supports OVAL-5.11
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for cb6ac10 - Browse repository at this point
Copy the full SHA cb6ac10View commit details -
[BugFix] [Infrastructure] Replace Fedora and RHEL-7 specific OVALs for
"chronyd_specify_remote_server.xml" rule with one shared OVAL from shared/oval/oval_5.11 directory Since in the case service chronyd isn't enabled it doesn't make sense to check chronyd daemon settings (and service_chronyd_enabled OVAL requires oscap to support OVAL-5.11)
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 325ce7e - Browse repository at this point
Copy the full SHA 325ce7eView commit details -
[BugFix] [Infrastructure] Split shared OVAL for 'ntpd_specify_multipl…
…e_servers' rule into two separate RHEL/6 and RHEL/7 OVALs Since: * in RHEL-6 case we are able to detect if 'service_ntpd_enabled' OVAL is satisfied just by OVAL-5.10 means, * but for RHEL-7 we need oscap to support OVAL-5.11. RHEL-7 version was placed into oval/oval_5.11 folder so it can be later re-used for Fedora too
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for bc4c26e - Browse repository at this point
Copy the full SHA bc4c26eView commit details -
[BugFix] [Infrastructure] Split shared OVAL for 'ntpd_specify_remote_…
…server' into separate RHEL-6 and RHEL-7 version Since: * in RHEL-6 case we are able to use it solely using OVAL-5.10 constructs, * but for RHEL-7 this is dependency on 'service_ntpd_enabled', which requires OVAL-5.11 constructs. Place it into shared/oval/oval_5.11 folder for future enhancements wrt to Fedora OVAL check
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for e376fe9 - Browse repository at this point
Copy the full SHA e376fe9View commit details -
[BugFix] [Infrastructure] Fix the situation of having two 'multi_plat…
…form_rhel' OVAL checks for 'package_abrt_removed' in two different locations: $ find . -name package_abrt_removed.xml ./shared/oval/package_abrt_removed.xml ./RHEL/7/input/oval/oval_5.11/package_abrt_removed.xml Since this is bringing ambiguity to the build system wrt to this OVAL check inclusion.
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 68d57d1 - Browse repository at this point
Copy the full SHA 68d57d1View commit details -
[BugFix] [Infrastructure] Fix 'package_at_removed' OVAL check
build system ambiguity $ find . -name package_at_removed.xml ./shared/oval/package_at_removed.xml ./RHEL/7/input/oval/oval_5.11/package_at_removed.xml There have been two OVAL checks having 'multi_platform_rhel' as platform definition under different locations.
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 368f334 - Browse repository at this point
Copy the full SHA 368f334View commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_audit_installed' OVAL check Right now there are multiple definitions of 'package_audit_installed' OVALs: $ find . -name package_audit_installed.xml ./shared/oval/package_audit_installed.xml ./RHEL/7/input/oval/package_audit_installed.xml ./RHEL/5/input/oval/package_audit_installed.xml ./Fedora/input/oval/oval_5.11/package_audit_installed.xml and intersection of the '<platform>' element of these checks isn't empty set. Therefore: * Merge CentOS {4,5}, Red Hat Enterprise Linux {4, 5, 6} definition under shared/oval/package_audit_installed.xml location, * Merge Red Hat Enterprise Linux 7 and Fedora * definition under shared/oval/oval_5.11/package_audit_installed.xml location (since these required OVAL-5.11) to get empty '<platform>' element intersection (remove the BS ambiguity).
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 8ca1c97 - Browse repository at this point
Copy the full SHA 8ca1c97View commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_bluez_removed' OVAL check Right now there are multiple definitions of this OVAL at various places: $ find . -name package_bluez_removed.xml ./shared/oval/package_bluez_removed.xml ./RHEL/7/input/oval/oval_5.11/package_bluez_removed.xml both having 'multi_platform_rhel' specified as '<platform>' element. This is causing BS ambiguity (BS including OVAL into final OVAL also in case is shouldn't be). Fix this ambiguity.
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 9345269 - Browse repository at this point
Copy the full SHA 9345269View commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_chronyd_installed' OVAL check Right now there are two locations: $ find . -name package_chrony_installed.xml ./RHEL/7/input/oval/package_chrony_installed.xml ./Fedora/input/oval/oval_5.11/package_chrony_installed.xml Therefore: * Create one shared/oval/oval_5.11 one (since package_chronyd_installed is required only in case we check 'service_chronyd_enabled', which requires OVAL-5.11 constructs)
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 5537a30 - Browse repository at this point
Copy the full SHA 5537a30View commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_cronie_installed' OVAL check Current status: $ find . -name package_cronie_installed.xml ./shared/oval/package_cronie_installed.xml ./RHEL/6/input/oval/package_cronie_installed.xml ./Fedora/input/oval/oval_5.11/package_cronie_installed.xml
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for ce456ec - Browse repository at this point
Copy the full SHA ce456ecView commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_firewalld_installed' OVAL check Current status: $ find . -name package_firewalld_installed.xml ./shared/oval/package_firewalld_installed.xml ./RHEL/7/input/oval/package_firewalld_installed.xml ./Fedora/input/oval/oval_5.11/package_firewalld_installed.xml => create one shared/oval/oval_5.11 OVAL check and delete those unnecessary ones
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 509f9cf - Browse repository at this point
Copy the full SHA 509f9cfView commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_iputils_removed' OVAL check Current status: $ find . -name package_iputils_removed.xml ./shared/oval/package_iputils_removed.xml ./RHEL/7/input/oval/oval_5.11/package_iputils_removed.xml But for RHEL-7 'package_iputils_removed' is required only in case OVAL-5.11 is supported (for service_rdisc_disabled check). => we can't use shared version.
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for e336d7a - Browse repository at this point
Copy the full SHA e336d7aView commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_nfs-utils_removed' OVAL check Current status: $ find . -name package_nfs-utils_removed.xml ./shared/oval/package_nfs-utils_removed.xml ./RHEL/7/input/oval/oval_5.11/package_nfs-utils_removed.xml There are two locations having '<platform>multi_platform_rhel</platform>' platform tag set. But for RHEL-7 the OVAL is required only if we are checking NFS service status (only if oscap supports OVAL-5.11) => we can't use shared/ version. Fix that.
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 465bf84 - Browse repository at this point
Copy the full SHA 465bf84View commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_ntp_installed' OVAL check Current status: $ find . -name package_ntp_installed.xml ./shared/oval/package_ntp_installed.xml ./RHEL/7/input/oval/package_ntp_installed.xml ./RHEL/5/input/oval/package_ntp_installed.xml ./Debian/8/input/oval/package_ntp_installed.xml => * Replace RHEL/5 version with enhancing shared/oval version, * Remove 'multi_platform_rhel' from shared/oval version (since in RHEL-7 case we want the OVAL included only in case oscap supports OVAL-5.11)
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for addb278 - Browse repository at this point
Copy the full SHA addb278View commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_oddjob_removed' OVAL check Current status: $ find . -name package_oddjob_removed.xml ./shared/oval/package_oddjob_removed.xml ./RHEL/7/input/oval/oval_5.11/package_oddjob_removed.xml Both having 'multi_platform_rhel' as <platform>. But we need: * RHEL/6 version for both OVAL-5.10 and OVAL-5.11, * But RHEL/7 version only for OVAL-5.11 version => can't use shared/ version
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 44e008e - Browse repository at this point
Copy the full SHA 44e008eView commit details -
[BugFix] [Infrastructure] Fix build system ambiguity wrt to
'package_qpid-cpp-server_removed' OVAL check Current status: $ find . -name package_qpid-cpp-server_removed.xml ./shared/oval/package_qpid-cpp-server_removed.xml ./RHEL/7/input/oval/oval_5.11/package_qpid-cpp-server_removed.xml Both of the OVALs having '<platform>' tag set to 'multi_platform_rhel'. But we need 'package_qpid-cpp-server_removed' OVAL for RHEL-7 only in case oscap supports OVAL-5.11 version (as a prerequisite for service * removed check) => it's not possible to use shared/ version of this OVAL. Fix that.
Jan Lieskovsky committedFeb 21, 2016 Configuration menu - View commit details
-
Copy full SHA for 87ca333 - Browse repository at this point
Copy the full SHA 87ca333View commit details