Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update audit_rules_sudoers_d to accept missing trailing slash #12926

Merged
merged 1 commit into from
Jan 31, 2025

Conversation

ggbecker
Copy link
Member

@ggbecker ggbecker commented Jan 29, 2025

Description:

  • Update audit_rules_sudoers_d to accept missing trailing slash.
  • This rule can also accept the directory path without the trailing slash. The change in the regex to make the trailing slash is by marking the character as optional (?).

Rationale:

  • The test scenario that would check for the missing trailing slash is now pass state.

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
This rule can also accept the directory path without the trailing
slash. The change in the regex to make the trailing slash is by marking
the character as optional (?).
@ggbecker ggbecker added RHEL Red Hat Enterprise Linux product related. STIG STIG Benchmark related. labels Jan 29, 2025
@ggbecker ggbecker added this to the 0.1.76 milestone Jan 29, 2025
@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Used by openshift-ci bot. label Jan 29, 2025
Copy link

openshift-ci bot commented Jan 29, 2025

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@ggbecker ggbecker marked this pull request as ready for review January 29, 2025 08:27
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Used by openshift-ci bot. label Jan 29, 2025
Copy link

codeclimate bot commented Jan 29, 2025

Code Climate has analyzed commit 97dafa0 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 61.9% (0.0% change).

View more on Code Climate.

@jan-cerny jan-cerny self-assigned this Jan 29, 2025
Copy link
Collaborator

@jan-cerny jan-cerny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The scenarios have pass to me

jcerny@fedora:~/work/git/scap-security-guide (pr/12926)$ python3 tests/automatus.py rule --libvirt qemu:///system ssgts_rhel9 audit_rules_sudoers_d
Setting console output to log level INFO
INFO - The base image option has not been specified, choosing libvirt-based test environment.
INFO - Logging into /home/jcerny/work/git/scap-security-guide/logs/rule-custom-2025-01-29-1522/test_suite.log
INFO - xccdf_org.ssgproject.content_rule_audit_rules_sudoers_d
INFO - Script correct.pass.sh using profile (all) OK
INFO - Script correct_without_key.pass.sh using profile (all) OK
INFO - Script empty.fail.sh using profile (all) OK
INFO - Script missing_slash.pass.sh using profile (all) OK
jcerny@fedora:~/work/git/scap-security-guide (pr/12926)$ python3 tests/automatus.py rule --libvirt qemu:///system ssgts_rhel9 --remediate-using ansible audit_rules_sudoers_d
Setting console output to log level INFO
INFO - The base image option has not been specified, choosing libvirt-based test environment.
INFO - Logging into /home/jcerny/work/git/scap-security-guide/logs/rule-custom-2025-01-29-1524/test_suite.log
INFO - xccdf_org.ssgproject.content_rule_audit_rules_sudoers_d
INFO - Script correct.pass.sh using profile (all) OK
INFO - Script correct_without_key.pass.sh using profile (all) OK
INFO - Script empty.fail.sh using profile (all) OK
INFO - Script missing_slash.pass.sh using profile (all) OK

@jan-cerny jan-cerny merged commit e07e134 into ComplianceAsCode:master Jan 31, 2025
102 of 109 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
RHEL Red Hat Enterprise Linux product related. STIG STIG Benchmark related.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants