File: cpe-oval.template

package info (click to toggle)
scap-security-guide 0.1.76-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 110,644 kB
  • sloc: xml: 241,883; sh: 73,777; python: 32,527; makefile: 27
file content (51 lines) | stat: -rw-r--r-- 2,675 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
<def-group>
  <definition class="inventory" id="{{{ _RULE_ID }}}" version="1">
    {{%- if VER_SPECS_TITLE -%}}
      {{%- set description = "The installed operating system is " + OS_NAME -%}}
    {{%- else -%}}
      {{%- set description = "The installed operating system is " + OS_NAME + " version " + VER_SPECS_TITLE -%}}
    {{%- endif -%}}
    {{{ oval_metadata(description, affected_platforms=["multi_platform_all"]) }}}
    <criteria operator="AND">
      <criterion comment="The operating system installed on the system is {{{ OS_NAME }}}"
      test_ref="test_os_id_is_{{{ ID }}}" />
      {{% for spec in VER_SPECS %}}
        <criterion comment="The operating system {{{ OS_NAME }}} of version {{{ spec.evr_op }}} {{{ spec.ver }}} is installed"
        test_ref="test_{{{ _RULE_ID }}}_{{{ spec.id }}}" />
      {{% endfor %}}
    </criteria>
  </definition>

  <ind:textfilecontent54_test check="all" comment="ID in os-release is {{{ OS_ID }}}" id="test_os_id_is_{{{ ID }}}" version="1">
    <ind:object object_ref="obj_os_id_is_{{{ ID }}}" />
    <ind:state state_ref="state_os_id_is_{{{ ID }}}" />
  </ind:textfilecontent54_test>

  <ind:textfilecontent54_object id="obj_os_id_is_{{{ ID }}}" version="1">
    <ind:filepath>/etc/os-release</ind:filepath>
    <ind:pattern operation="pattern match">^ID=[&quot;&apos;]?(\w+)[&quot;&apos;]?$</ind:pattern>
    <ind:instance operation="greater than or equal" datatype="int">1</ind:instance>
  </ind:textfilecontent54_object>

  <ind:textfilecontent54_state id="state_os_id_is_{{{ ID }}}" version="1">
    <ind:subexpression operation="pattern match">{{{ OS_ID }}}</ind:subexpression>
  </ind:textfilecontent54_state>

{{% for spec in VER_SPECS %}}
  <ind:textfilecontent54_test check="all" comment="VERSION_ID in os-release is {{{ spec.evr_op }}} {{{ spec.ver }}}" id="test_{{{ _RULE_ID }}}_{{{ spec.id }}}" version="1">
    <ind:object object_ref="obj_{{{ _RULE_ID }}}_{{{ spec.id }}}" />
    <ind:state state_ref="state_{{{ _RULE_ID }}}_{{{ spec.id }}}" />
  </ind:textfilecontent54_test>

  <ind:textfilecontent54_object id="obj_{{{ _RULE_ID }}}_{{{ spec.id }}}" version="1">
    <ind:filepath>/etc/os-release</ind:filepath>
    <ind:pattern operation="pattern match">^VERSION_ID=[&quot;&apos;]?([\w.]+)[&quot;&apos;]?$</ind:pattern>
    <ind:instance operation="greater than or equal" datatype="int">1</ind:instance>
  </ind:textfilecontent54_object>

  <ind:textfilecontent54_state id="state_{{{ _RULE_ID }}}_{{{ spec.id }}}" version="1">
    <ind:subexpression operation="{{{ spec.evr_op }}}" datatype="version">{{{ spec.ver }}}</ind:subexpression>
  </ind:textfilecontent54_state>
{{% endfor %}}

</def-group>