diff mbox series

[meta-security-compliance] scap-security-guide: Fix openembedded platform tests

Message ID 20220214190838.2170306-1-akshay.bhat@timesys.com
State New
Headers show
Series [meta-security-compliance] scap-security-guide: Fix openembedded platform tests | expand

Commit Message

Akshay Bhat Feb. 14, 2022, 7:08 p.m. UTC 
Update the installed_OS_is_openembedded check to drop the quotes
in the VERSION_ID string to match f451c68667cca of openembedded-core.
Without this fix, all tests are reported as "notapplicable".

Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com>
---
 ...is_openembedded-Update-pattern-match.patch | 30 +++++++++++++++++++
 .../scap-security-guide_git.bb                |  1 +
 2 files changed, 31 insertions(+)
 create mode 100644 meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch
diff mbox series

Patch

diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch
new file mode 100644
index 0000000..61d9206
--- /dev/null
+++ b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch
@@ -0,0 +1,30 @@ 
+From d943e41d64da6af89a6b8224110299ad88747497 Mon Sep 17 00:00:00 2001
+From: Akshay Bhat <akshay.bhat@timesys.com>
+Date: Mon, 14 Feb 2022 13:00:31 -0500
+Subject: [PATCH] installed_OS_is_openembedded: Update pattern match
+
+The VERSION_ID string is no longer quoted with f451c68667cca of
+openembedded-core. Update the pattern match check in
+installed_OS_is_openembedded to match the same.
+
+Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com>
+---
+ shared/checks/oval/installed_OS_is_openembedded.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/shared/checks/oval/installed_OS_is_openembedded.xml b/shared/checks/oval/installed_OS_is_openembedded.xml
+index 01df16b43..eaf9f2b10 100644
+--- a/shared/checks/oval/installed_OS_is_openembedded.xml
++++ b/shared/checks/oval/installed_OS_is_openembedded.xml
+@@ -23,7 +23,7 @@
+   </ind:textfilecontent54_test>
+   <ind:textfilecontent54_object id="obj_openembedded" version="1" comment="Check OpenEmbedded version">
+     <ind:filepath>/etc/os-release</ind:filepath>
+-    <ind:pattern operation="pattern match">^VERSION_ID=\"nodistro\.[0-9].$</ind:pattern>
++    <ind:pattern operation="pattern match">^VERSION_ID=nodistro\.[0-9]$</ind:pattern>
+     <ind:instance datatype="int">1</ind:instance>
+   </ind:textfilecontent54_object>
+ 
+-- 
+2.25.1
+
diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb
index ddde5cc..f493ea8 100644
--- a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb
+++ b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb
@@ -9,6 +9,7 @@  SRC_URI = "git://github.com/akuster/scap-security-guide.git;branch=oe-0.1.44;;pr
            file://0003-fix-remaining-getchildren-and-getiterator-functions.patch \
            file://0001-Fix-platform-spec-file-check-tests-in-installed-OS-d.patch \
            file://0002-Fix-missing-openembedded-from-ssg-constants.py.patch \
+           file://0001-installed_OS_is_openembedded-Update-pattern-match.patch \
           "
 PV = "0.1.44+git${SRCPV}"