The macros for checking file ownership were changed to allow proper checking of symlinks, using "ls -lL" instead of "ls -l".
David Smith (1): modified file ownership check macros to reflect "ls -lL"
RHEL6/transforms/shorthand2xccdf.xslt | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-)
Signed-off-by: David Smith dsmith@eclipse.ncsc.mil --- RHEL6/transforms/shorthand2xccdf.xslt | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/RHEL6/transforms/shorthand2xccdf.xslt b/RHEL6/transforms/shorthand2xccdf.xslt index 79249d4..1a849e2 100644 --- a/RHEL6/transforms/shorthand2xccdf.xslt +++ b/RHEL6/transforms/shorthand2xccdf.xslt @@ -300,14 +300,14 @@ exclude-result-prefixes="xccdf xhtml dc">
<xsl:template match="fileowner-check-macro"> To check the ownership of xhtml:code<xsl:value-of select="@file"/></xhtml:code>, run the command: - xhtml:pre$ ls -l <xsl:value-of select="@file"/></xhtml:pre> + xhtml:pre$ ls -lL <xsl:value-of select="@file"/></xhtml:pre> If properly configured, the output should indicate the following owner: xhtml:code<xsl:value-of select="@owner"/></xhtml:code> </xsl:template>
<xsl:template match="filegroupowner-check-macro"> To check the group ownership of xhtml:code<xsl:value-of select="@file"/></xhtml:code>, run the command: - xhtml:pre$ ls -l <xsl:value-of select="@file"/></xhtml:pre> + xhtml:pre$ ls -lL <xsl:value-of select="@file"/></xhtml:pre> If properly configured, the output should indicate the following group-owner. xhtml:code<xsl:value-of select="@group"/></xhtml:code> </xsl:template>
On 4/1/13 10:47 AM, David Smith wrote:
Signed-off-by: David Smithdsmith@eclipse.ncsc.mil
RHEL6/transforms/shorthand2xccdf.xslt | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/RHEL6/transforms/shorthand2xccdf.xslt b/RHEL6/transforms/shorthand2xccdf.xslt index 79249d4..1a849e2 100644 --- a/RHEL6/transforms/shorthand2xccdf.xslt +++ b/RHEL6/transforms/shorthand2xccdf.xslt @@ -300,14 +300,14 @@ exclude-result-prefixes="xccdf xhtml dc">
<xsl:template match="fileowner-check-macro"> To check the ownership of <xhtml:code><xsl:value-of select="@file"/></xhtml:code>, run the command:
- xhtml:pre$ ls -l <xsl:value-of select="@file"/></xhtml:pre>
xhtml:pre$ ls -lL <xsl:value-of select="@file"/></xhtml:pre> If properly configured, the output should indicate the following owner: xhtml:code<xsl:value-of select="@owner"/></xhtml:code> </xsl:template>
<xsl:template match="filegroupowner-check-macro"> To check the group ownership of xhtml:code<xsl:value-of select="@file"/></xhtml:code>, run the command:
- xhtml:pre$ ls -l <xsl:value-of select="@file"/></xhtml:pre>
- xhtml:pre$ ls -lL <xsl:value-of select="@file"/></xhtml:pre> If properly configured, the output should indicate the following group-owner. xhtml:code<xsl:value-of select="@group"/></xhtml:code> </xsl:template>
--
Ack
scap-security-guide@lists.fedorahosted.org
-
David Smith -
Shawn Wells