[Open-scap] [systemdtests-devel branch] [PATCH] Add another failing systemdunitproperty probe test, which should pass (since default.target should be enabled on common system)
Jan Lieskovsky
jlieskov at redhat.com
Fri Jul 18 10:17:33 UTC 2014
And provide second version of this third patch too (to make
the expected to fail test to actually fail also).
Re-tested & seems to be working properly:
$ cat test_probes_systemdunitproperty.log
TEST: systemdunitproperty general functionality
Definition oval:0:def:7: false
Definition oval:0:def:6: unknown
Definition oval:0:def:5: false
Definition oval:0:def:4: true
Definition oval:0:def:3: true
Definition oval:0:def:2: true
Definition oval:0:def:1: true
Evaluation done.
Result of oval:0:def:5 should be TRUE and is FALSE
Result of oval:0:def:6 should be FALSE and is ERROR
Result of oval:0:def:7 should be TRUE and is FALSE
RESULT: FAILED
Please review.
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
Note: Again change from:
https://www.redhat.com/archives/open-scap-list/2014-July/msg00026.html
is required for this change to work properly.
----- Original Message -----
> From: "Jan Lieskovsky" <jlieskov at redhat.com>
> To: "open-scap-list" <open-scap-list at redhat.com>
> Sent: Wednesday, July 16, 2014 6:02:17 PM
> Subject: [Open-scap] [systemdtests-devel branch] [PATCH] Add another failing systemdunitproperty probe test, which
> should pass (since default.target should be enabled on common system)
>
> Hello folks,
>
> attached is another example of failing systemdunitproperty probe test (in
> the current implementation). It's checking if default.target unit has value
> of
> UnitFileState property (case-insensitively) equal to 'enabled'.
>
> But from the OVAL results / OVAL collected objects also attached, looks
> systemdunitproperty probe isn't capable to obtain default.target object
> on that system (even when it explicitly exists:
>
> # systemctl show default.target | grep UnitFileState
> UnitFileState=enabled )
>
> Looks default.target isn't listed in the list of available targets:
>
> $ systemctl list-units -t target | grep default | wc -l
> 0
>
> but it's possible to display it (e.g. systemctl show default.target works
> as usual), so it seems systemctl is using some kind of hack to get this
> target displayed [*].
>
> Attached is also simplified / minimized testcase (3.xml) that was used for
> testing on the targeted system.
>
> The change has been checked for work during the openscap package build
> process:
>
> $ cat /tmp/test_probes_systemdunitproperty.log
> TEST: systemdunitproperty general functionality
> Definition oval:0:def:7: false
> Definition oval:0:def:6: unknown
> Definition oval:0:def:5: false
> Definition oval:0:def:4: true
> Definition oval:0:def:3: true
> Definition oval:0:def:2: true
> Definition oval:0:def:1: true
> Evaluation done.
> RESULT: PASSED
>
> Please review.
>
> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Technologies Team
>
> P.S.: [*] default.target might be of high importance for SCAP content authors
> (since it might actually be the one used in most cases for property
> checks)
>
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list at redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: v2-0001-Add-another-failing-systemdunitproperty-probe-test-w.patch
Type: text/x-patch
Size: 2442 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20140718/e4791b25/attachment.bin>
More information about the Open-scap-list
mailing list