-
Notifications
You must be signed in to change notification settings - Fork 686
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add missing_file_pass to owner/group-owner rules #8194
Conversation
With commit fe36b35 file_groupowner and file_owner started to filter/ exclude symlinks. Unfortunately the rules touched here, have some main paths that are actually a symlink (e.g. /lib64 on Ubuntu) and the filter together with the all_exist rule in their OVAL, make the rule evaluation to fail. By adding missing_file_pass, we change it to any_exist.
Hi @dodys. Thanks for your PR. I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/ok-to-test |
I believe that in this case we should provide |
Who will provide them? |
let's ping @dodys and see if he replies in a couple of days... otherwise we can submit some tests to get this merged. |
sorry, I haven't had the time to take a look at it. |
The logs have:
I believe the templated scenario should be updated to consider if the path is a directory, but apart from that... it's probably not a good idea to remove those directories even in a test, it might break the system. So a custom test scenario might help in this case. |
This PR doesn't seem needed anymore with the fixes done in PR #8456 |
Confirmed and closing this PR. |
Description:
With commit fe36b35 file_groupowner and file_owner started to filter/
exclude symlinks. Unfortunately the rules touched here, have some main
paths that are actually a symlink (e.g. /lib64 on Ubuntu) and the filter
together with the all_exist rule in their OVAL, make the rule evaluation
to fail. By adding missing_file_pass, we change it to any_exist.