From: Simon Lukasik slukasik@redhat.com
Default datatype is string.
Addressing: $ make validate oval:ssg:var:2115 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2117 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2122 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2126 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2127 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2130 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2135 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2139 - inconsistent datatype between the variable and an associated var_ref --- RHEL6/input/checks/accounts_disable_post_pw_expiration.xml | 2 +- RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml | 2 +- RHEL6/input/checks/accounts_maximum_age_login_defs.xml | 2 +- RHEL6/input/checks/accounts_minimum_age_login_defs.xml | 2 +- RHEL6/input/checks/accounts_password_minlen_login_defs.xml | 2 +- RHEL6/input/checks/accounts_password_warn_age_login_defs.xml | 2 +- RHEL6/input/checks/auditd_data_retention_max_log_file.xml | 2 +- RHEL6/input/checks/auditd_data_retention_num_logs.xml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/RHEL6/input/checks/accounts_disable_post_pw_expiration.xml b/RHEL6/input/checks/accounts_disable_post_pw_expiration.xml index b93ee63..429e9db 100644 --- a/RHEL6/input/checks/accounts_disable_post_pw_expiration.xml +++ b/RHEL6/input/checks/accounts_disable_post_pw_expiration.xml @@ -26,7 +26,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_etc_default_useradd_inactive" version="1"> - <ind:subexpression operation="less than or equal" var_ref="var_account_disable_post_pw_expiration" /> + <ind:subexpression operation="less than or equal" var_ref="var_account_disable_post_pw_expiration" datatype="int" /> </ind:textfilecontent54_state>
<ind:textfilecontent54_state id="state_etc_default_useradd_inactive_nonnegative" version="1"> diff --git a/RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml b/RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml index 53a9d13..eda8052 100644 --- a/RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml +++ b/RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml @@ -25,7 +25,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_maxlogins" version="1"> - <ind:subexpression operation="greater than or equal" var_ref="max_concurrent_login_sessions_value" /> + <ind:subexpression operation="greater than or equal" var_ref="max_concurrent_login_sessions_value" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="maximum password age" datatype="int" id="max_concurrent_login_sessions_value" version="1" /> diff --git a/RHEL6/input/checks/accounts_maximum_age_login_defs.xml b/RHEL6/input/checks/accounts_maximum_age_login_defs.xml index 0640a3e..090435a 100644 --- a/RHEL6/input/checks/accounts_maximum_age_login_defs.xml +++ b/RHEL6/input/checks/accounts_maximum_age_login_defs.xml @@ -25,7 +25,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_password_max_age" version="1"> - <ind:subexpression operation="less than or equal" var_ref="var_password_max_age" /> + <ind:subexpression operation="less than or equal" var_ref="var_password_max_age" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="maximum password age" datatype="int" id="var_password_max_age" version="1" /> diff --git a/RHEL6/input/checks/accounts_minimum_age_login_defs.xml b/RHEL6/input/checks/accounts_minimum_age_login_defs.xml index 21b02af..6de9779 100644 --- a/RHEL6/input/checks/accounts_minimum_age_login_defs.xml +++ b/RHEL6/input/checks/accounts_minimum_age_login_defs.xml @@ -26,7 +26,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_etc_login_defs_pass_min_age" version="1"> - <ind:subexpression operation="greater than or equal" var_ref="var_password_min_age" /> + <ind:subexpression operation="greater than or equal" var_ref="var_password_min_age" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="minimum password age in days" datatype="int" id="var_password_min_age" version="1" /> diff --git a/RHEL6/input/checks/accounts_password_minlen_login_defs.xml b/RHEL6/input/checks/accounts_password_minlen_login_defs.xml index 76d2132..4dd66c8 100644 --- a/RHEL6/input/checks/accounts_password_minlen_login_defs.xml +++ b/RHEL6/input/checks/accounts_password_minlen_login_defs.xml @@ -37,7 +37,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_password_min_len" version="1"> - <ind:subexpression operation="greater than or equal" var_ref="var_password_min_len" /> + <ind:subexpression operation="greater than or equal" var_ref="var_password_min_len" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="password minimum length" datatype="int" id="var_password_min_len" version="1" /> diff --git a/RHEL6/input/checks/accounts_password_warn_age_login_defs.xml b/RHEL6/input/checks/accounts_password_warn_age_login_defs.xml index ed4fb8f..7c153e7 100644 --- a/RHEL6/input/checks/accounts_password_warn_age_login_defs.xml +++ b/RHEL6/input/checks/accounts_password_warn_age_login_defs.xml @@ -27,7 +27,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_etc_login_defs_pass_warn_age" version="1"> - <ind:subexpression operation="greater than or equal" var_ref="var_password_warn_age" /> + <ind:subexpression operation="greater than or equal" var_ref="var_password_warn_age" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="password expiration warning age in days" datatype="int" id="var_password_warn_age" version="1" /> diff --git a/RHEL6/input/checks/auditd_data_retention_max_log_file.xml b/RHEL6/input/checks/auditd_data_retention_max_log_file.xml index b8aba36..7087e7a 100644 --- a/RHEL6/input/checks/auditd_data_retention_max_log_file.xml +++ b/RHEL6/input/checks/auditd_data_retention_max_log_file.xml @@ -26,7 +26,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_auditd_data_retention_max_log_file" version="1"> - <ind:subexpression operation="greater than or equal" var_ref="var_auditd_max_log_file" /> + <ind:subexpression operation="greater than or equal" var_ref="var_auditd_max_log_file" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="audit max_log_file settting" datatype="int" id="var_auditd_max_log_file" version="1" /> diff --git a/RHEL6/input/checks/auditd_data_retention_num_logs.xml b/RHEL6/input/checks/auditd_data_retention_num_logs.xml index ad2fc7e..b46e734 100644 --- a/RHEL6/input/checks/auditd_data_retention_num_logs.xml +++ b/RHEL6/input/checks/auditd_data_retention_num_logs.xml @@ -26,7 +26,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_auditd_data_retention_num_logs" version="1"> - <ind:subexpression operation="greater than or equal" var_ref="var_auditd_num_logs" /> + <ind:subexpression operation="greater than or equal" var_ref="var_auditd_num_logs" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="audit num_logs settting" datatype="int" id="var_auditd_num_logs" version="1" />
On 06/05/2013 06:53 AM, Simon Lukasik wrote:
From: Simon Lukasik slukasik@redhat.com
Default datatype is string.
Addressing: $ make validate oval:ssg:var:2115 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2117 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2122 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2126 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2127 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2130 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2135 - inconsistent datatype between the variable and an associated var_ref oval:ssg:var:2139 - inconsistent datatype between the variable and an associated var_ref
RHEL6/input/checks/accounts_disable_post_pw_expiration.xml | 2 +- RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml | 2 +- RHEL6/input/checks/accounts_maximum_age_login_defs.xml | 2 +- RHEL6/input/checks/accounts_minimum_age_login_defs.xml | 2 +- RHEL6/input/checks/accounts_password_minlen_login_defs.xml | 2 +- RHEL6/input/checks/accounts_password_warn_age_login_defs.xml | 2 +- RHEL6/input/checks/auditd_data_retention_max_log_file.xml | 2 +- RHEL6/input/checks/auditd_data_retention_num_logs.xml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/RHEL6/input/checks/accounts_disable_post_pw_expiration.xml b/RHEL6/input/checks/accounts_disable_post_pw_expiration.xml index b93ee63..429e9db 100644 --- a/RHEL6/input/checks/accounts_disable_post_pw_expiration.xml +++ b/RHEL6/input/checks/accounts_disable_post_pw_expiration.xml @@ -26,7 +26,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_etc_default_useradd_inactive" version="1">
- <ind:subexpression operation="less than or equal" var_ref="var_account_disable_post_pw_expiration" />
<ind:subexpression operation="less than or equal" var_ref="var_account_disable_post_pw_expiration" datatype="int" /> </ind:textfilecontent54_state>
<ind:textfilecontent54_state id="state_etc_default_useradd_inactive_nonnegative" version="1">
diff --git a/RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml b/RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml index 53a9d13..eda8052 100644 --- a/RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml +++ b/RHEL6/input/checks/accounts_max_concurrent_login_sessions.xml @@ -25,7 +25,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_maxlogins" version="1">
- <ind:subexpression operation="greater than or equal" var_ref="max_concurrent_login_sessions_value" />
<ind:subexpression operation="greater than or equal" var_ref="max_concurrent_login_sessions_value" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="maximum password age" datatype="int" id="max_concurrent_login_sessions_value" version="1" />
diff --git a/RHEL6/input/checks/accounts_maximum_age_login_defs.xml b/RHEL6/input/checks/accounts_maximum_age_login_defs.xml index 0640a3e..090435a 100644 --- a/RHEL6/input/checks/accounts_maximum_age_login_defs.xml +++ b/RHEL6/input/checks/accounts_maximum_age_login_defs.xml @@ -25,7 +25,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_password_max_age" version="1">
- <ind:subexpression operation="less than or equal" var_ref="var_password_max_age" />
<ind:subexpression operation="less than or equal" var_ref="var_password_max_age" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="maximum password age" datatype="int" id="var_password_max_age" version="1" />
diff --git a/RHEL6/input/checks/accounts_minimum_age_login_defs.xml b/RHEL6/input/checks/accounts_minimum_age_login_defs.xml index 21b02af..6de9779 100644 --- a/RHEL6/input/checks/accounts_minimum_age_login_defs.xml +++ b/RHEL6/input/checks/accounts_minimum_age_login_defs.xml @@ -26,7 +26,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_etc_login_defs_pass_min_age" version="1">
- <ind:subexpression operation="greater than or equal" var_ref="var_password_min_age" />
<ind:subexpression operation="greater than or equal" var_ref="var_password_min_age" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="minimum password age in days" datatype="int" id="var_password_min_age" version="1" />
diff --git a/RHEL6/input/checks/accounts_password_minlen_login_defs.xml b/RHEL6/input/checks/accounts_password_minlen_login_defs.xml index 76d2132..4dd66c8 100644 --- a/RHEL6/input/checks/accounts_password_minlen_login_defs.xml +++ b/RHEL6/input/checks/accounts_password_minlen_login_defs.xml @@ -37,7 +37,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_password_min_len" version="1">
- <ind:subexpression operation="greater than or equal" var_ref="var_password_min_len" />
<ind:subexpression operation="greater than or equal" var_ref="var_password_min_len" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="password minimum length" datatype="int" id="var_password_min_len" version="1" />
diff --git a/RHEL6/input/checks/accounts_password_warn_age_login_defs.xml b/RHEL6/input/checks/accounts_password_warn_age_login_defs.xml index ed4fb8f..7c153e7 100644 --- a/RHEL6/input/checks/accounts_password_warn_age_login_defs.xml +++ b/RHEL6/input/checks/accounts_password_warn_age_login_defs.xml @@ -27,7 +27,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_etc_login_defs_pass_warn_age" version="1">
- <ind:subexpression operation="greater than or equal" var_ref="var_password_warn_age" />
<ind:subexpression operation="greater than or equal" var_ref="var_password_warn_age" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="password expiration warning age in days" datatype="int" id="var_password_warn_age" version="1" />
diff --git a/RHEL6/input/checks/auditd_data_retention_max_log_file.xml b/RHEL6/input/checks/auditd_data_retention_max_log_file.xml index b8aba36..7087e7a 100644 --- a/RHEL6/input/checks/auditd_data_retention_max_log_file.xml +++ b/RHEL6/input/checks/auditd_data_retention_max_log_file.xml @@ -26,7 +26,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_auditd_data_retention_max_log_file" version="1">
- <ind:subexpression operation="greater than or equal" var_ref="var_auditd_max_log_file" />
<ind:subexpression operation="greater than or equal" var_ref="var_auditd_max_log_file" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="audit max_log_file settting" datatype="int" id="var_auditd_max_log_file" version="1" />
diff --git a/RHEL6/input/checks/auditd_data_retention_num_logs.xml b/RHEL6/input/checks/auditd_data_retention_num_logs.xml index ad2fc7e..b46e734 100644 --- a/RHEL6/input/checks/auditd_data_retention_num_logs.xml +++ b/RHEL6/input/checks/auditd_data_retention_num_logs.xml @@ -26,7 +26,7 @@ </ind:textfilecontent54_object>
<ind:textfilecontent54_state id="state_auditd_data_retention_num_logs" version="1">
- <ind:subexpression operation="greater than or equal" var_ref="var_auditd_num_logs" />
<ind:subexpression operation="greater than or equal" var_ref="var_auditd_num_logs" datatype="int" /> </ind:textfilecontent54_state>
<external_variable comment="audit num_logs settting" datatype="int" id="var_auditd_num_logs" version="1" />
ACK, everything checks out here!
- Maura Dailey
scap-security-guide@lists.fedorahosted.org
-
Maura Dailey -
Šimon Lukašík