Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated proposal; Add 2 new Linux Tests #88

Merged
merged 3 commits into from
Feb 26, 2020
Merged

Updated proposal; Add 2 new Linux Tests #88

merged 3 commits into from
Feb 26, 2020

Conversation

wmunyan
Copy link
Contributor

@wmunyan wmunyan commented Jun 13, 2019

Modified original proposal. Removed lsmod and modprobe, replaced with single kernelmodule construct.

The 2nd test in the PR is a new construct, proposing the sestatus_(test|object|state|item). This test allows implementations to collect and evaluate information stemming from the output of the sestatus command.

Updated proposal; Add 2 new Linux Tests
8aac934 
Modified original proposal.  Removed lsmod and modprobe, replaced with single kernelmodule construct.  2nd test is the sestatus check.
@wmunyan wmunyan mentioned this pull request Jun 13, 2019
Closed
@wmunyan wmunyan added Add to Existing Schema A proposal for the addition of a new Test/Object/State to an existing OVAL schema Linux Issue related to the Linux schema. labels Jun 13, 2019
@wmunyan wmunyan mentioned this pull request Jun 13, 2019
Closed
@solind
Copy link

solind commented Jun 14, 2019

Hi @wmunyan, why make selinux_status an EntityItemStringType instead of an EntityItemSEStatusModeType? The only possible values should be enabled and disabled, right?

@wmunyan
Copy link
Contributor Author

wmunyan commented Jun 17, 2019

@solind I think what I'll do is add another enumeration for EntityItemSELinuxStatusType with values for enabled and disabled. The Mode type includes the enforcing and permissive, etc which don't match up for the status.

Bill M added 2 commits June 17, 2019 10:07
Datatype change for sestatus:selinux_status
ba221a8 
Created new enumeration type describing possible values for SELinux status (enabled, disabled) and associated `selinux_status` element to that new type in both definitions and system characteristics schemas.
Added policy from config file
33d3ad6 
Added a field for "policy_from_config_file"
@isimluk
Copy link

isimluk commented Oct 24, 2019

Looks good to me.

@solind
Copy link

solind commented Oct 29, 2019

If this can be changed into a PR for the develop branch, @isimluk can make a consensus call so we can move forward and merge.

@isimluk
Copy link

isimluk commented Jan 29, 2020

Consensus call initiated: http://lists.cisecurity.org/pipermail/oval_developer_lists.cisecurity.org/Week-of-Mon-20200127/000615.html

@isimluk
Copy link

isimluk commented Feb 12, 2020

Consensus call period elapsed. None of the feedback received was identified to be required to inform changes to this PR.

This is good to merge. However, we may want to consider merging this first to the develop branch as @solind suggested.

@solind
Copy link

solind commented Feb 12, 2020

Hi @isimluk, it's not a suggestion. After the consensus call, the community process calls for merging into the development branch.

https://oval-community-guidelines.readthedocs.io/en/latest/proposal-process/release-process.html#release-process

@wmunyan wmunyan changed the base branch from master to develop February 21, 2020 13:25
@hanleow hanleow merged commit 886ac21 into develop Feb 26, 2020
@hanleow hanleow deleted the Linux branch March 11, 2020 20:16
@wmunyan wmunyan linked an issue May 10, 2021 that may be closed by this pull request
Add kernelmodule and sestatus tests to Linux schema #75
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Add to Existing Schema A proposal for the addition of a new Test/Object/State to an existing OVAL schema Linux Issue related to the Linux schema.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add kernelmodule and sestatus tests to Linux schema
4 participants
@wmunyan @solind @isimluk @hanleow