Fix bash remediation in rsyslog_remote_access_monitoring rule #9253
Conversation
In cases where a reference line is not found, a new line was included with invalid syntax. Removed the escape characters only necessary in the sed command used by this remediation.
marcusburghardt
added
bugfix
|
Start a new ephemeral environment with changes proposed in this pull request: rhel8 (from CTF) Environment (using Fedora as testing environment) Fedora Testing Environment Oracle Linux 8 Environment |
|
This datastream diff is auto generated by the check Click here to see the full diffbash remediation for rule 'xccdf_org.ssgproject.content_rule_rsyslog_remote_access_monitoring' differs:
--- old datastream
+++ new datastream
@@ -20,7 +20,7 @@
# Add selector to file
sed -r -i "0,/^(\S+\s+\/var\/log\/secure$)/s//\1\n${K} \/var\/log\/secure/" /etc/rsyslog.conf
else
- echo "${K} \/var\/log\/secure/" >> /etc/rsyslog.conf
+ echo "${K} /var/log/secure" >> /etc/rsyslog.conf
fi
fi
done |
|
Code Climate has analyzed commit aff1de7 and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 42.7% (0.0% change). View more on Code Climate. |
|
@marcusburghardt: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
The OVAL is not checking the destination of the logs but only if they are collected. |
Description:
In cases where a reference line is not found, a new line was included with invalid syntax.
Removed the escape characters only necessary in the
sedcommand used by this remediation.Rationale: