In PR 4447 , looks like test cases for a single rule are being ran
multiple times per profile:
On 6/24/19 11:49 AM, Gabriel Gaspar Becker wrote:
> |INFO - Script both-correct.pass.sh using profile
> xccdf_org.ssgproject.content_profile_cui OK INFO - Script
> both-correct.pass.sh using profile
> xccdf_org.ssgproject.content_profile_ospp OK|
How come the test harness tests the same rule multiple times?
Why not test each rule once? Seems like it would reduce the testing time
I'm afraid we hit the limitation of OVAL specification:
> The required object_ref attribute provides a reference to an existing
OVAL Object declaration. The referenced OVAL Object specifies a set of OVAL
Items to collect. Note that an OVAL Object might identify 0, 1, or many
OVAL Items on a system. If no items are found on the system then an error
should be reported when determining the value of an ObjectComponentType. If
1 or more OVAL Items are found then each OVAL Item will be considered and
the ObjectComponentType may have one or more values.
I think that the workaround could be that the regular expression always
matches at least an empty string. Then I think the variable will not be
empty but it would contain an item that contains an empty string, so the
concatenation could proceed. I haven't tried it if it works, though.
On Fri, May 31, 2019 at 3:26 PM Ilya Okomin <ilya.okomin(a)oracle.com> wrote:
> Hi Team,
> I need some piece of advice how to implement join in OVAL for variables if
> some of them are empty .
> I'm looking at the existing example from master which uses
> <concat>-<split>. However this code doesn't work as expected for empty
> variable var_rfg_include_config_regex in <concat> - returned result "no
> value", while expected would be "%^/etc/rsyslog.conf$":
> Note: UniqueFunctionType
> looks more applicable here, but it doesn't work as well with the same
> reason - returned result is "no value" when one of variables is empty.
> Can any approach be suggested to avoid getting "no value" and return
> expected result for sample var_rfg_all_log_files_as_string_regex variable
> (with joined values from defined only variables/objects)?
> Open-scap-list mailing list
Security Technologies | Red Hat, Inc.
Attempting to use the RHEL 8 data streams, but even 'oscap info' fails
using the latest release :
> # oscap info /usr/share/xml/scap/ssg/content/ssg-rhel8-ds-1.3.xml
> Document type: Source Data Stream
> Imported: 2019-06-02T11:16:07
> Stream: scap_org.open-scap_datastream_from_xccdf_ssg-rhel8-xccdf-1.2.xml
> Generated: (null)
> Version: 1.3
> Ref-Id: scap_org.open-scap_cref_ssg-rhel8-xccdf-1.2.xml
> WARNING: Datastream component
> points out to the remote
> Use '--fetch-remote-resources' option to download it.
> WARNING: Skipping
> file which is referenced from datastream
> OpenSCAP Error: Could not extract
> scap_org.open-scap_cref_ssg-rhel8-xccdf-1.2.xml with all dependencies
> from datastream. [ds_sds_session.c:211]
Looking at the ssg-rhel8-ds-1.3 file there are lots of mentions to SCAP
1.2 instead of 1.3?