[Open-scap] [systemdtests-devel branch] Add example of systemdunitproperty probe test returning (IMHO) incorrect result
Jan Lieskovsky
jlieskov at redhat.com
Wed Jul 16 14:26:15 UTC 2014
Just for case, someone might wonder how the particular OVAL
check looked like (since the ids in the OVAL results / collected
objects wouldn't match those in the patch), it's attached too
for your convenience (testing OVAL defs separately, then generating
patch for the repository).
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
----- Original Message -----
> From: "Jan Lieskovsky" <jlieskov at redhat.com>
> To: "open-scap-list" <open-scap-list at redhat.com>
> Sent: Wednesday, July 16, 2014 4:02:04 PM
> Subject: [Open-scap] [systemdtests-devel branch] Add example of systemdunitproperty probe test returning (IMHO)
> incorrect result
>
> Hello folks,
>
> attached below is an example of systemdunitproperty_test / definition
> returning
> inappropriate result IMHO (it should return true, but returns false).
>
> Hopefully on common systemd system, while the systemd-journald.service unit
> should exist,
> it wouldn't conflict with something else. Since it's *.service based unit,
> looks Conflicts
> property is valid item for it, but in this case the collected object contains
> some unspecified
> value for it (for debugging both OVAL results & OVAL collected objects XML
> files obtained
> on testing system are provided).
>
> Was even able to get the (slightly modified) version of this test (to come
> via separate
> email later) it to return 'unknown' result.
>
> The change have been tested for proper work. Content of probe log from
> testing system:
>
> $ cat test_probes_systemdunitproperty.log
> TEST: systemdunitproperty general functionality
> Definition oval:0:def:5: false
> Definition oval:0:def:4: true
> Definition oval:0:def:3: true
> Definition oval:0:def:2: true
> Definition oval:0:def:1: true
> Evaluation done.
> RESULT: PASSED
>
> Please review.
>
> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Technologies Team
>
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list at redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2.xml
Type: application/xml
Size: 2179 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20140716/4e85a072/attachment.wsdl>
More information about the Open-scap-list
mailing list