[Open-scap] Custom OVAL Probes
Ed
ed.sealing at gmail.com
Fri Apr 22 03:03:08 UTC 2011
Brady,
Just tried it, and it works like a charm. Good catch. Thanks.
Expanding on your example, here's an implementation of the package
whitelist checking you mentioned that uses a set of objects filtered
by a constant variable. I am having a problem when oscap comes back
with the system characteristics, the filter doesn't seem to be working
correctly on obj:2. Just shows the variable in the object. I've tried
based on a couple different attributes and nothing comes back. Not
sure if this is me or openscap... The concepts of the check should be
pretty sound though.
~Ed
> Regular expressions should be supported with the pattern match operation.
>
> <lin-def:rpminfo_object ...>
> <name datatype="string" operation="pattern match">.*</name>
> </lin-def:rpminfo_object>
>
> This successfully collects the list of all packages for me using oscap
> 0.7.2. Does it not work for you?
>
> -Brady
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: WhiteList.oval.xml
Type: text/xml
Size: 2964 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20110421/753ceae5/attachment.xml>
More information about the Open-scap-list
mailing list