mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-04-20 11:29:37 +00:00
Code Issues Projects Releases Wiki Activity

scap-security-guide: Fix openembedded platform tests

Browse Source 
Update the installed_OS_is_openembedded check to drop the quotes
in the VERSION_ID string to match f451c68667cca of openembedded-core.
Without this fix, all tests are reported as "notapplicable".

Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Akshay Bhat
2022-02-14 14:08:38 -05:00
committed by Armin Kuster
parent 9cd85e054f
commit caec0c657d
2 changed files with 31 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch Normal file
View File

@@ -0,0 +1,30 @@
From d943e41d64da6af89a6b8224110299ad88747497 Mon Sep 17 00:00:00 2001
From: Akshay Bhat <akshay.bhat@timesys.com>
Date: Mon, 14 Feb 2022 13:00:31 -0500
Subject: [PATCH] installed_OS_is_openembedded: Update pattern match
The VERSION_ID string is no longer quoted with f451c68667cca of
openembedded-core. Update the pattern match check in
installed_OS_is_openembedded to match the same.
Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com>
---
shared/checks/oval/installed_OS_is_openembedded.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/shared/checks/oval/installed_OS_is_openembedded.xml b/shared/checks/oval/installed_OS_is_openembedded.xml
index 01df16b43..eaf9f2b10 100644
--- a/shared/checks/oval/installed_OS_is_openembedded.xml
+++ b/shared/checks/oval/installed_OS_is_openembedded.xml
@@ -23,7 +23,7 @@
</ind:textfilecontent54_test>
<ind:textfilecontent54_object id="obj_openembedded" version="1" comment="Check OpenEmbedded version">
<ind:filepath>/etc/os-release</ind:filepath>
- <ind:pattern operation="pattern match">^VERSION_ID=\"nodistro\.[0-9].$</ind:pattern>
+ <ind:pattern operation="pattern match">^VERSION_ID=nodistro\.[0-9]$</ind:pattern>
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>
--
2.25.1

1
meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb
View File

@@ -9,6 +9,7 @@ SRC_URI = "git://github.com/akuster/scap-security-guide.git;branch=oe-0.1.44;;pr
file://0003-fix-remaining-getchildren-and-getiterator-functions.patch \
file://0001-Fix-platform-spec-file-check-tests-in-installed-OS-d.patch \
file://0002-Fix-missing-openembedded-from-ssg-constants.py.patch \
file://0001-installed_OS_is_openembedded-Update-pattern-match.patch \
"
PV = "0.1.44+git${SRCPV}"