From rmercer at harris.com  Wed Sep 11 21:07:14 2013
From: rmercer at harris.com (Rodney L. Mercer)
Date: Wed, 11 Sep 2013 17:07:14 -0400
Subject: [scap-security-guide] CCE-27043-9 gives faise positive
Message-ID: <1378933634.6999.134.camel@osc145>

CCE-27043-9 Result: fail
Rule ID: disable_interactive_boot
[root at wahoo ~]# grep PROMPT /etc/sysconfig/init
PROMPT=no
Gives the correct output, so this is a false positive

Edited /var/www/html/scap-security-guide/RHEL6/input/checks/interactive_boot_disable.xml
and removed the line wrap
----
<ind:pattern operation="pattern match">
   PROMPT[\s]*=[\s]*no\s*$</ind:pattern>
----
to make it the same as that line from:
----
http://oss.tresys.com/projects/clip/browser/packages/scap-security-guide/scap-security-guide/RHEL6/input/checks/interactive_boot_disable.xml
----


cd /var/www/html/scap-security-guide/RHEL6
make all

# oscap xccdf eval --profile stig-rhel6-server
--results /var/www/html/results.xml --report /var/www/html/report.html
--cpe ./output/ssg-rhel6-cpe-dictionary.xml output/ssg-rhel6-xccdf.xml

now produces Result: pass


-- 
Rodney Mercer 
Systems Administrator
Harris IT Services Corp.
Harris Corporation
1225 Evans Road
Melbourne FL, 32934
321-726-1091