Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve Rsyslog Rainer regex to find log files #11808

Conversation

marcusburghardt
Copy link
Member

Description:

There are other entries in RainerScript syntax used to specify filepaths, but the files are not used for logs.
It was included a test scenario to test these exceptions.
The regex was also improved in OVAL, Bash and Ansible.

Rationale:

Review Hints:

./build_product rhel9
./tests/automatus.py rule --libvirt qemu:///session rhel9 --datastream build/ssg-rhel9-ds.xml --dontclean --remediate-using bash rsyslog_files_permissions
./tests/automatus.py rule --libvirt qemu:///session rhel9 --datastream build/ssg-rhel9-ds.xml --dontclean --remediate-using ansible rsyslog_files_ownership
./tests/automatus.py rule --libvirt qemu:///session rhel9 --datastream build/ssg-rhel9-ds.xml --dontclean --remediate-using ansible rsyslog_files_groupownership

There are other entries in RainerScript syntax used to specify
filepaths, but the files are not used for logs. This test scenario
ensure these lines are present so we can properly test assessment and
remediation.
Minor improvement in Bash and Ansible to avoid matching undesired
entries. OVAL regex was also improved in alignment to remediation.
@marcusburghardt marcusburghardt added bugfix Fixes to reported bugs. Update Rule Issues or pull requests related to Rules updates. labels Apr 10, 2024
@marcusburghardt marcusburghardt added this to the 0.1.73 milestone Apr 10, 2024
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

Copy link

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:11808
This image was built from commit: d535042

Click here to see how to deploy it

If you alread have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:11808

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:11808 make deploy-local

Copy link

codeclimate bot commented Apr 10, 2024

Code Climate has analyzed commit d535042 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.3% (0.0% change).

View more on Code Climate.

Copy link
Collaborator

@vojtapolasek vojtapolasek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you very much.

@vojtapolasek vojtapolasek merged commit c550638 into ComplianceAsCode:master Apr 15, 2024
45 checks passed
@marcusburghardt marcusburghardt deleted the rsyslog_rainer_regex_logfiles branch April 15, 2024 13:44
vojtapolasek added a commit to vojtapolasek/contest that referenced this pull request Apr 29, 2024
vojtapolasek added a commit to vojtapolasek/contest that referenced this pull request Apr 29, 2024
comps pushed a commit to RHSecurityCompliance/contest that referenced this pull request Apr 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bugfix Fixes to reported bugs. Update Rule Issues or pull requests related to Rules updates.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants