I'd like to test the content but I don't know which OVAL tests are considered
to be OK. I mean they are "implemented" correctly.
My assumption is that tests from one of the XCCDF profiles should be OK. Could
you please clarify it. The reason I'm asking is that I don't want to report
you issues that you are already aware of. :)
I have noticed new rpm_verify.xml check with following commit message:
" the "rpm_verify.xml" check now works but a word of caution:
* it creates an approximately 250M results file
* it takes a long time to execute on a reasonably powerful system"
It's true that OVAL rpmverify is not used effectively here. You collect all
rpmverify items from all packages on a system. This is not very happy
I suggest changing logic of the test. Filter out items you don't need. :)
(thnx. to <mitr(a)redhat.com>)
<lin-def:rpmverify_test check_existence="none_exist" id="oval:org.open-
scap:tst:1001" version="1" check="all" comment="Files with changed
<lin-def:rpmverify_object id="oval:org.open-scap:obj:1001" version="1"
comment="(RPM)Verify all files">
<lin-def:behaviors nodeps="true" nofiles="false" nodigest="true"
noscripts="true" nosignature="true" nomd5="true"/>
<lin-def:name operation="pattern match">.*</lin-def:name>
<lin-def:filepath operation="pattern match">.*</lin-def:filepath>
<lin-def:rpmverify_state id="oval:org.open-scap:ste:1001" version="1">