3:35 p.m.
not just sufficient?
diff --git a/shared/oval/set_password_hashing_algorithm_systemauth.xml
b/shared/oval/set_password_hashing_algorithm_systemauth.xml
index 8a5525e..2d71e8b 100644
--- a/shared/oval/set_password_hashing_algorithm_systemauth.xml
+++ b/shared/oval/set_password_hashing_algorithm_systemauth.xml
@@ -20,7 +20,7 @@
<ind:textfilecontent54_object comment="check /etc/pam.d/system-auth
for correct settings" id="object_pam_unix_sha512"
version="1">
<ind:filepath>/etc/pam.d/system-auth</ind:filepath>
- <ind:pattern operation="pattern
match">^[\s]*password[\s]+sufficient[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
+ <ind:pattern operation="pattern
match">^[\s]*password[\s]+(?:(?:required)|(?:sufficient))[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>
6:35 p.m.
On 8/1/14, 4:35 PM, Jeremiah Jahn wrote:
not just sufficient?
diff --git a/shared/oval/set_password_hashing_algorithm_systemauth.xml
b/shared/oval/set_password_hashing_algorithm_systemauth.xml
index 8a5525e..2d71e8b 100644
--- a/shared/oval/set_password_hashing_algorithm_systemauth.xml
+++ b/shared/oval/set_password_hashing_algorithm_systemauth.xml
@@ -20,7 +20,7 @@
<ind:textfilecontent54_object comment="check /etc/pam.d/system-auth
for correct settings" id="object_pam_unix_sha512"
version="1">
<ind:filepath>/etc/pam.d/system-auth</ind:filepath>
- <ind:pattern operation="pattern
match">^[\s]*password[\s]+sufficient[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
+ <ind:pattern operation="pattern
match">^[\s]*password[\s]+(?:(?:required)|(?:sufficient))[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>
Yes, absolutely. Ack
(please indicate if you need someone to push for you)
9:30 p.m.
(please indicate if you need someone to push for you) ?
not quite sure what you mean, so that's probably a yes...
On Tue, Aug 5, 2014 at 6:35 PM, Shawn Wells <shawn(a)redhat.com> wrote:
On 8/1/14, 4:35 PM, Jeremiah Jahn wrote:
>
> not just sufficient?
>
> diff --git a/shared/oval/set_password_hashing_algorithm_systemauth.xml
> b/shared/oval/set_password_hashing_algorithm_systemauth.xml
> index 8a5525e..2d71e8b 100644
> --- a/shared/oval/set_password_hashing_algorithm_systemauth.xml
> +++ b/shared/oval/set_password_hashing_algorithm_systemauth.xml
> @@ -20,7 +20,7 @@
>
> <ind:textfilecontent54_object comment="check /etc/pam.d/system-auth
> for correct settings" id="object_pam_unix_sha512"
version="1">
> <ind:filepath>/etc/pam.d/system-auth</ind:filepath>
> - <ind:pattern operation="pattern
>
>
match">^[\s]*password[\s]+sufficient[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
> + <ind:pattern operation="pattern
>
>
match">^[\s]*password[\s]+(?:(?:required)|(?:sufficient))[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
> <ind:instance datatype="int">1</ind:instance>
> </ind:textfilecontent54_object>
Yes, absolutely. Ack
(please indicate if you need someone to push for you)
--
SCAP Security Guide mailing list
scap-security-guide(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
9:11 a.m.
Is there a place to indicate the format you would like bug patches to
be sent in? I'm happy to follow any guides you have to make your life
easier.
On Tue, Aug 5, 2014 at 9:30 PM, Jeremiah Jahn
<jeremiah(a)goodinassociates.com> wrote:
(please indicate if you need someone to push for you) ?
not quite sure what you mean, so that's probably a yes...
On Tue, Aug 5, 2014 at 6:35 PM, Shawn Wells <shawn(a)redhat.com> wrote:
>
> On 8/1/14, 4:35 PM, Jeremiah Jahn wrote:
>>
>> not just sufficient?
>>
>> diff --git a/shared/oval/set_password_hashing_algorithm_systemauth.xml
>> b/shared/oval/set_password_hashing_algorithm_systemauth.xml
>> index 8a5525e..2d71e8b 100644
>> --- a/shared/oval/set_password_hashing_algorithm_systemauth.xml
>> +++ b/shared/oval/set_password_hashing_algorithm_systemauth.xml
>> @@ -20,7 +20,7 @@
>>
>> <ind:textfilecontent54_object comment="check /etc/pam.d/system-auth
>> for correct settings" id="object_pam_unix_sha512"
version="1">
>> <ind:filepath>/etc/pam.d/system-auth</ind:filepath>
>> - <ind:pattern operation="pattern
>>
>>
match">^[\s]*password[\s]+sufficient[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
>> + <ind:pattern operation="pattern
>>
>>
match">^[\s]*password[\s]+(?:(?:required)|(?:sufficient))[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
>> <ind:instance datatype="int">1</ind:instance>
>> </ind:textfilecontent54_object>
>
>
> Yes, absolutely. Ack
>
> (please indicate if you need someone to push for you)
> --
> SCAP Security Guide mailing list
> scap-security-guide(a)lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
> https://github.com/OpenSCAP/scap-security-guide/
9:42 a.m.
Hello Jeremiah,
Here would be a good place
https://fedorahosted.org/scap-security-guide/wiki/becomeadeveloper to show
you how to generate a formatted patch file.
You can request git push access (might take a while) or email the formatted
patch file to the list so that one of us can push it.
Thanks,
Gabe
On Wed, Aug 6, 2014 at 8:11 AM, Jeremiah Jahn <jeremiah(a)goodinassociates.com
wrote:
> Is there a place to indicate the format you would like bug patches to
> be sent in? I'm happy to follow any guides you have to make your life
> easier.
>
> On Tue, Aug 5, 2014 at 9:30 PM, Jeremiah Jahn
> <jeremiah(a)goodinassociates.com wrote:
> > (please indicate if you need someone to push for you) ?
> >
> > not quite sure what you mean, so that's probably a yes...
> >
> > On Tue, Aug 5, 2014 at 6:35 PM, Shawn Wells <shawn(a)redhat.com wrote:
> >>
> >> On 8/1/14, 4:35 PM, Jeremiah Jahn wrote:
> >>>
> >>> not just sufficient?
> >>>
> >>> diff --git a/shared/oval/set_password_hashing_algorithm_systemauth.xml
> >>> b/shared/oval/set_password_hashing_algorithm_systemauth.xml
> >>> index 8a5525e..2d71e8b 100644
> >>> --- a/shared/oval/set_password_hashing_algorithm_systemauth.xml
> >>> +++ b/shared/oval/set_password_hashing_algorithm_systemauth.xml
> >>> @@ -20,7 +20,7 @@
> >>>
> >>> <ind:textfilecontent54_object comment="check
/etc/pam.d/system-auth
> >>> for correct settings" id="object_pam_unix_sha512"
version="1">
> >>> <ind:filepath>/etc/pam.d/system-auth</ind:filepath>
> >>> - <ind:pattern operation="pattern
> >>>
> >>>
>
match">^[\s]*password[\s]+sufficient[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
> >>> + <ind:pattern operation="pattern
> >>>
> >>>
>
match">^[\s]*password[\s]+(?:(?:required)|(?:sufficient))[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
> >>> <ind:instance
datatype="int">1</ind:instance>
> >>> </ind:textfilecontent54_object>
> >>
> >>
> >> Yes, absolutely. Ack
> >>
> >> (please indicate if you need someone to push for you)
> >> --
> >> SCAP Security Guide mailing list
> >> scap-security-guide(a)lists.fedorahosted.org
> >> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
> >> https://github.com/OpenSCAP/scap-security-guide/
> --
> SCAP Security Guide mailing list
> scap-security-guide(a)lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
> https://github.com/OpenSCAP/scap-security-guide/
>
11:55 a.m.
awesome thanks, that's what I needed. must have just missed it somehow.
On Wed, Aug 6, 2014 at 9:42 AM, Gabe Alford <redhatrises(a)gmail.com> wrote:
Hello Jeremiah,
Here would be a good place
https://fedorahosted.org/scap-security-guide/wiki/becomeadeveloper to show
you how to generate a formatted patch file.
You can request git push access (might take a while) or email the formatted
patch file to the list so that one of us can push it.
Thanks,
Gabe
On Wed, Aug 6, 2014 at 8:11 AM, Jeremiah Jahn
<jeremiah(a)goodinassociates.com> wrote:
>
> Is there a place to indicate the format you would like bug patches to
> be sent in? I'm happy to follow any guides you have to make your life
> easier.
>
> On Tue, Aug 5, 2014 at 9:30 PM, Jeremiah Jahn
> <jeremiah(a)goodinassociates.com> wrote:
> > (please indicate if you need someone to push for you) ?
> >
> > not quite sure what you mean, so that's probably a yes...
> >
> > On Tue, Aug 5, 2014 at 6:35 PM, Shawn Wells <shawn(a)redhat.com> wrote:
> >>
> >> On 8/1/14, 4:35 PM, Jeremiah Jahn wrote:
> >>>
> >>> not just sufficient?
> >>>
> >>> diff --git a/shared/oval/set_password_hashing_algorithm_systemauth.xml
> >>> b/shared/oval/set_password_hashing_algorithm_systemauth.xml
> >>> index 8a5525e..2d71e8b 100644
> >>> --- a/shared/oval/set_password_hashing_algorithm_systemauth.xml
> >>> +++ b/shared/oval/set_password_hashing_algorithm_systemauth.xml
> >>> @@ -20,7 +20,7 @@
> >>>
> >>> <ind:textfilecontent54_object comment="check
> >>> /etc/pam.d/system-auth
> >>> for correct settings" id="object_pam_unix_sha512"
version="1">
> >>> <ind:filepath>/etc/pam.d/system-auth</ind:filepath>
> >>> - <ind:pattern operation="pattern
> >>>
> >>>
> >>>
match">^[\s]*password[\s]+sufficient[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
> >>> + <ind:pattern operation="pattern
> >>>
> >>>
> >>>
match">^[\s]*password[\s]+(?:(?:required)|(?:sufficient))[\s]+pam_unix\.so[\s]+.*sha512.*$</ind:pattern>
> >>> <ind:instance
datatype="int">1</ind:instance>
> >>> </ind:textfilecontent54_object>
> >>
> >>
> >> Yes, absolutely. Ack
> >>
> >> (please indicate if you need someone to push for you)
> >> --
> >> SCAP Security Guide mailing list
> >> scap-security-guide(a)lists.fedorahosted.org
> >> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
> >> https://github.com/OpenSCAP/scap-security-guide/
> --
> SCAP Security Guide mailing list
> scap-security-guide(a)lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
> https://github.com/OpenSCAP/scap-security-guide/
--
SCAP Security Guide mailing list
scap-security-guide(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
2:17 p.m.
On 8/6/14, 10:11 AM, Jeremiah Jahn wrote:
Is there a place to indicate the format you would like bug patches
to
be sent in? I'm happy to follow any guides you have to make your life
easier.
On the existing FedoraHosted repo we must approve accounts to receive
'push' permissions manually. I wasn't sure if someone approved you yet.
This issue will be resolved once we move to GitHub.
On Tue, Aug 5, 2014 at 9:30 PM, Jeremiah Jahn
<jeremiah(a)goodinassociates.com> wrote:
> >(please indicate if you need someone to push for you) ?
> >
> >not quite sure what you mean, so that's probably a yes...
Pushed:
$ git push
Enter passphrase for key '/home/shawnw/.ssh/id_rsa':
Counting objects: 9, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (5/5), done.
Writing objects: 100% (5/5), 573 bytes, done.
Total 5 (delta 3), reused 0 (delta 0)
To ssh://shawndwells@git.fedorahosted.org/git/scap-security-guide.git
e354b3c..c359973 master -> master
Welcome to the commiter club ;)
Ref
https://git.fedorahosted.org/cgit/scap-security-guide.git/commit/?id=c359...
--
Shawn Wells
shawn(a)redhat.com | 443.534.0130
@shawndwells
3556
days inactive
3561
days old
scap-security-guide@lists.fedorahosted.org
6 comments
3 participants
participants (3)
-
Gabe Alford -
Jeremiah Jahn -
Shawn Wells