scap-security-guide/SOURCES/scap-security-guide-0.1.59-fix_7333-PR_7692.patch
2022-04-26 18:09:24 +00:00

92 lines
4.8 KiB
Diff

From c988807382a5c0e307567def55fcedcb2e3b75b7 Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Mon, 4 Oct 2021 12:18:05 -0500
Subject: [PATCH 1/4] Update rsyslog_remote_loghost to match STIG and CIS
STIG and CIS only match *.conf files and we matched all files.
Moving to match the benchmarks.
Fixes #7333
---
.../rsyslog_remote_loghost/oval/shared.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
index 5895b7fab24..7b5d4968886 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
@@ -39,7 +39,7 @@
<ind:textfilecontent54_object id="object_remote_loghost_rsyslog_d" version="1">
<ind:path>/etc/rsyslog.d</ind:path>
- <ind:filename operation="pattern match">.*</ind:filename>
+ <ind:filename operation="pattern match">*.conf</ind:filename>
<ind:pattern operation="pattern match">^\*\.\*[\s]+(?:@|\:omrelp\:)</ind:pattern>
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>
From 19d72d76e6818f47e71245dece0d6faa62cfcdb1 Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Mon, 4 Oct 2021 13:11:10 -0500
Subject: [PATCH 3/4] Add packages so that test suite pass in a container
---
.../rsyslog_remote_loghost/tests/line_commented.fail.sh | 1 +
.../rsyslog_remote_loghost/tests/line_not_there.fail.sh | 1 +
.../rsyslog_remote_loghost/tests/remote_configured.pass.sh | 1 +
3 files changed, 3 insertions(+)
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_commented.fail.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_commented.fail.sh
index 52376effea2..760606278b3 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_commented.fail.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_commented.fail.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+# packages = rsyslog
CONF_FILE="/etc/rsyslog.conf"
LOGHOST_LINE="*.* @@192.168.122.1:5000"
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_not_there.fail.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_not_there.fail.sh
index 8a55da88c8d..ac82180f21c 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_not_there.fail.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/line_not_there.fail.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+# packages = rsyslog
CONF_FILE="/etc/rsyslog.conf"
sed -i "/^\*\.\*.*/d" "$CONF_FILE"
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/remote_configured.pass.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/remote_configured.pass.sh
index 8122a490f25..3c396b4e52a 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/remote_configured.pass.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/tests/remote_configured.pass.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+# packages = rsyslog
CONF_FILE="/etc/rsyslog.conf"
LOGHOST_LINE="*.* @@192.168.122.1:5000"
From e7110e97c808b82a8d6d91c9da42f6c5422747cf Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Mon, 11 Oct 2021 11:33:13 -0500
Subject: [PATCH 4/4] Fix regex on rsyslog_remote_loghost
---
.../rsyslog_remote_loghost/oval/shared.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
index 7b5d4968886..0fdd24e18c2 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/oval/shared.xml
@@ -39,7 +39,7 @@
<ind:textfilecontent54_object id="object_remote_loghost_rsyslog_d" version="1">
<ind:path>/etc/rsyslog.d</ind:path>
- <ind:filename operation="pattern match">*.conf</ind:filename>
+ <ind:filename operation="pattern match">^.+\.conf$</ind:filename>
<ind:pattern operation="pattern match">^\*\.\*[\s]+(?:@|\:omrelp\:)</ind:pattern>
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>