On 8/1/14, 4:35 PM, Jeremiah Jahn wrote:
not just sufficient?
diff --git a/shared/oval/set_password_hashing_algorithm_systemauth.xml
b/shared/oval/set_password_hashing_algorithm_systemauth.xml
index 8a5525e..2d71e8b 100644
--- a/shared/oval/set_password_hashing_algorithm_systemauth.xml
+++ b/shared/oval/set_password_hashing_algorithm_systemauth.xml
@@ -20,7 +20,7 @@
<ind:textfilecontent54_object comment="check /etc/pam.d/system-auth
for correct settings" id="object_pam_unix_sha512"
version="1">
<ind:filepath>/etc/pam.d/system-auth</ind:filepath>
- <ind:pattern operation="pattern
match">^[\s]*password[\s]+sufficient[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
+ <ind:pattern operation="pattern
match">^[\s]*password[\s]+(?:(?:required)|(?:sufficient))[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>
Yes, absolutely. Ack
(please indicate if you need someone to push for you)