Skip to content

Add OVAL for encrypt_partitions rule #13539

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 9, 2025
Merged

Add OVAL for encrypt_partitions rule #13539

merged 3 commits into from
Jun 9, 2025

Conversation

Xeicker
Copy link
Contributor

@Xeicker Xeicker commented Jun 4, 2025

Description:

  • Add OVAL for encrypt_partitions rule only applicable to OL products.
  • This might be applicable to other products but don't have the chance to test

Rationale:

  • Add automation content

Review Hints:

  • In a system with any encrypted partitions the collected objects should be a good hint that everything is correctly in place. The encrypted partitions shouldn't be collected, and any other should be a valid partition

@Xeicker
Add OVAL for encrypt_partitions rule
2cf710f 
Signed-off-by: Edgar Aguilar <edgar.aguilar@oracle.com>
@Xeicker Xeicker added this to the 0.1.78 milestone Jun 4, 2025
@Xeicker Xeicker added the OVAL OVAL update. Related to the systems assessments. label Jun 4, 2025
@jan-cerny jan-cerny self-assigned this Jun 5, 2025
jan-cerny
jan-cerny reviewed Jun 5, 2025
View reviewed changes
linux_os/guide/system/software/disk_partitioning/encrypt_partitions/oval/shared.xml

<linux:partition_state id="state_non_pseudo_file_systems" version="1">
<linux:uuid operation="pattern match">.+</linux:uuid>
<linux:fs_type operation="not equal">iso9660</linux:fs_type>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this one special?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is collected by partition_object But I wouldn't say it is a partition in the system, this is a cdrom

linux_os/guide/system/software/disk_partitioning/encrypt_partitions/oval/shared.xml
@@ -0,0 +1,50 @@
<def-group>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest adding a warning to the rule.yml that the rule doesn't have a remediation.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added it

Xeicker and others added 2 commits June 5, 2025 10:20
@Xeicker @jan-cerny
Apply suggestions from code review
43bea4f 
Co-authored-by: Jan Černý <jcerny@redhat.com>
@Xeicker
Add warning to encrypt_partitions
c79348e 
Signed-off-by: Edgar Aguilar <edgar.aguilar@oracle.com>
@codeclimate CodeClimate
Copy link

codeclimate bot commented Jun 5, 2025

Code Climate has analyzed commit c79348e and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 61.9% (0.0% change).

View more on Code Climate.

@jan-cerny jan-cerny merged commit e323ce7 into ComplianceAsCode:master Jun 9, 2025
131 of 132 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jan-cerny jan-cerny jan-cerny approved these changes

Assignees

@jan-cerny jan-cerny

Labels
OVAL OVAL update. Related to the systems assessments.
Projects
None yet
Milestone
0.1.78
Development

Successfully merging this pull request may close these issues.
2 participants
@Xeicker @jan-cerny
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy