[Open-scap] Errors with test

Baptiste Villiot bvilliot at silicom.fr
Thu Jan 15 15:02:50 UTC 2015 

Hello,

When I execute a test, I've some errors and I don't know why.

For some rules, I get the error : "OVAL object not supported". For these 
rules, the object used is dpkginfo_object. Is dpkginfo_object not really 
supported by OpenScap or is it an error in my oval file ?

Another error I have is : "There was a problem processing referenced 
variable". For exemple, one of my rules check if the PWD_MAX_DAY is set 
in the file /etc/lofin.defs, I have in my oval file :

<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" 
class="compliance" id="oval:fr.gouv.defense:def:1680" version="1">
       <metadata>
         <title>DebConf-32-1</title>
         <affected family="unix">
           <platform>Debian GNU/Linux 6</platform>
         </affected>
         <description>PWD MAX DAYS</description>
       </metadata>
       <criteria operator="AND" comment="AND" negate="false">
         <criterion comment="PWD MAX DAYS" 
test_ref="oval:fr.gouv.defense:tst:1680" negate="false" />
       </criteria>
     </definition>

<textfilecontent54_test 
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" 
id="oval:fr.gouv.defense:tst:1680" version="1" check="all" 
comment="PASS_MAX_DAYS" check_existence="only_one_exists">
       <object object_ref="oval:fr.gouv.defense:obj:1680" />
     </textfilecontent54_test>

<textfilecontent54_object 
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" 
id="oval:fr.gouv.defense:obj:1680" version="1" comment="login.defs">
       <path datatype="string" operation="equals">/etc</path>
       <filename datatype="string" operation="equals">login.defs</filename>
       <pattern datatype="string" operation="pattern match" 
var_ref="oval:fr.gouv.defense:var:1684" var_check="all" />
       <instance datatype="int" operation="equals">1</instance>
     </textfilecontent54_object>

<local_variable 
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" 
id="oval:fr.gouv.defense:var:1684" version="1" comment="random regexp" 
datatype="string">
       <concat>
<literal_component>^PASS_MAX_DAYS\s+</literal_component>
         <variable_component var_ref="oval:fr.gouv.defense:var:1680" />
         <literal_component>\s*.*</literal_component>
       </concat>
     </local_variable>
<external_variable 
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" 
id="oval:fr.gouv.defense:var:1680" version="1" comment="PASS_MAX_DAYS" 
datatype="string" />

The error seems to come from the external_variable, but I don't really 
know why.

Thanking you in advance,

Baptiste Villiot
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20150115/87eba180/attachment.htm>

More information about the Open-scap-list mailing list