Diffstat (limited to 'xml/SCAP/gentoo-oval.xml')
-rw-r--r--xml/SCAP/gentoo-oval.xml62
1 files changed, 62 insertions, 0 deletions
diff --git a/xml/SCAP/gentoo-oval.xml b/xml/SCAP/gentoo-oval.xml
index b520353..9fa2c1e 100644
--- a/xml/SCAP/gentoo-oval.xml
+++ b/xml/SCAP/gentoo-oval.xml
@@ -71,6 +71,41 @@
</criteria>
</definition>
+ <definition id="oval:org.gentoo.dev.swift:def:4" version="1" class="compliance">
+ <metadata>
+ <title>The /home file system is mounted with the nodev option</title>
+ <affected family="unix">
+ <platform>Gentoo Linux</platform>
+ </affected>
+ <description>
+ This definition tests whether the /home partition is mounted with the nodev
+ mount option.
+ </description>
+ </metadata>
+ <criteria operator="AND">
+ <criterion test_ref="oval:org.gentoo.dev.swift:tst:2" comment="The /home location is on a separate partition" />
+ <criterion test_ref="oval:org.gentoo.dev.swift:tst:4" comment="The /home partition is mounted with nodev mount option" />
+ </criteria>
+ </definition>
+
+ <definition id="oval:org.gentoo.dev.swift:def:5" version="1" class="compliance">
+ <metadata>
+ <title>The /tmp location must be a separate file system</title>
+ <affected family="unix">
+ <platform>Gentoo Linux</platform>
+ </affected>
+ <reference source="CCE" ref_url="http://nvd.nist.gov/cce/index.cfm" ref_id="CCE-14161-4"/>
+ <description>
+ This definition tests whether the /tmp location is a separate file
+ system.
+ </description>
+ </metadata>
+ <criteria operator="AND">
+ <criterion test_ref="oval:org.gentoo.dev.swift:tst:5" comment="The /tmp location is on a separate partition" />
+ </criteria>
+ </definition>
+
+
</definitions>
<tests>
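Review bot: Definition `oval:org.gentoo.dev.swift:def:4` evaluates to false both when /home is not on its own partition and when it is mounted without nodev, yet its title and description mention only the nodev option. A failed result therefore does not tell the administrator which condition was not met. The test `tst:4` added in the next hunk uses `check_existence="all_exist"`, so it presumably already fails when no /home partition is found; that would make the `tst:2` criterion redundant here, though tst:2 is defined outside this diff and this is an inference. Either state the dependency in the description, for example `This definition tests whether /home is a separate partition and is mounted with the nodev mount option.`, or pull in the separate-partition definition with `<extend_definition definition_ref="DEFINITION_ID_PLACEHOLDER" comment="/home is a separate partition"/>` so the two results are reported separately.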
@@ -97,6 +132,22 @@
<!-- "nosuid" mount option -->
<lin-def:state state_ref="oval:org.gentoo.dev.swift:ste:1" />
</lin-def:partition_test>
+
+ <lin-def:partition_test id="oval:org.gentoo.dev.swift:tst:4"
+ version="1" check="all" check_existence="all_exist"
+ comment="Tests that /home is mounted with nodev option">
+ <!-- /home partition -->
+ <lin-def:object object_ref="oval:org.gentoo.dev.swift:obj:2" />
+ <!-- "nodev" mount option -->
+ <lin-def:state state_ref="oval:org.gentoo.dev.swift:ste:2" />
+ </lin-def:partition_test>
+
+ <lin-def:partition_test id="oval:org.gentoo.dev.swift:tst:5"
+ version="1" check="all" check_existence="all_exist"
+ comment="Tests that /tmp is a separate file system">
+ <!-- /home partition -->
+ <lin-def:object object_ref="oval:org.gentoo.dev.swift:obj:3" />
+ </lin-def:partition_test>
</tests>
<objects>
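Review bot: The comment inside test `oval:org.gentoo.dev.swift:tst:5` reads `<!-- /home partition -->`, but the referenced object `obj:3` is the /tmp partition, so it should be `<!-- /tmp partition -->`. It would also help to note in the comments of `tst:4` and `tst:5` that, as far as I know, partition_test evaluates the file systems mounted at scan time rather than /etc/fstab. If so, a nodev option applied by a manual remount passes the check even though it would not survive a reboot. A short comment such as `<!-- evaluates the running mount table; persistent configuration is not checked here -->` would make that limit visible to whoever reads the scan results, once the behaviour is confirmed against the interpreter in use.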
@@ -110,6 +161,12 @@
version="1" comment="The /home partition">
<lin-def:mount_point>/home</lin-def:mount_point>
</lin-def:partition_object>
+
+ <lin-def:partition_object id="oval:org.gentoo.dev.swift:obj:3"
+ version="1" comment="The /tmp partition">
+ <lin-def:mount_point>/tmp</lin-def:mount_point>
+ </lin-def:partition_object>
+
</objects>
<states>
@@ -119,6 +176,11 @@
<lin-def:mount_options entity_check="at least one">nosuid</lin-def:mount_options>
</lin-def:partition_state>
+ <lin-def:partition_state id="oval:org.gentoo.dev.swift:ste:2"
+ version="1" comment="The file system is mounted with the nodev mount option">
+ <lin-def:mount_options entity_check="at least one">nodev</lin-def:mount_options>
+ </lin-def:partition_state>
+
</states>
<!--