rpms / scap-security-guide

Clone
Source Code
GIT

Blame SOURCES/scap-security-guide-0.1.58-update_stig_mapping_table-PR_7327.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   e3b0486f8f57940693b114708b09181a28621550
  2.   SOURCES
  3.   scap-security-guide-0.1.58-update_stig_mapping_table-PR_7327.patch
Blob History Raw
9be3b2 
From ea1bab197a17dd944e41a583c82c3cc757bb566b Mon Sep 17 00:00:00 2001
9be3b2 
From: Gabriel Becker <ggasparb@redhat.com>
9be3b2 
Date: Wed, 4 Aug 2021 12:23:05 +0200
9be3b2 
Subject: [PATCH] Update STIG mapping table to reflect statistics of coverage.
9be3b2
9be3b2 
---
9be3b2 
 .../shared_xccdf-apply-overlay-stig.xslt      | 59 +++++++++++++------
9be3b2 
 .../transforms/shared_xccdf2table-stig.xslt   | 28 +++++++++
9be3b2 
 2 files changed, 68 insertions(+), 19 deletions(-)
9be3b2
9be3b2 
diff --git a/shared/transforms/shared_xccdf-apply-overlay-stig.xslt b/shared/transforms/shared_xccdf-apply-overlay-stig.xslt
9be3b2 
index 945f709b95..b7c000608c 100644
9be3b2 
--- a/shared/transforms/shared_xccdf-apply-overlay-stig.xslt
9be3b2 
+++ b/shared/transforms/shared_xccdf-apply-overlay-stig.xslt
9be3b2 
@@ -28,26 +28,47 @@
9be3b2 
       <xsl:variable name="overlay_ref" select="@disa"/>
9be3b2 
       <xsl:variable name="overlay_title" select="xccdf:title/@text"/>
9be3b2
9be3b2 
-      <xsl:for-each select="$rules">
9be3b2 
-        <xsl:if test="@id=$overlay_rule">
9be3b2 
-		  <Group id="V-{$overlay_id}">
9be3b2 
-		    <title>SRG-OS-ID</title>
9be3b2 
-		    <description></description>
9be3b2 
-            <Rule id="{$overlay_rule}" severity="{$overlay_severity}" >
9be3b2 
-			<version><xsl:value-of select="$overlay_version"/></version>
9be3b2 
-          	<title><xsl:value-of select="$overlay_title"/></title>
9be3b2 
-          	<description><xsl:copy-of select="xccdf:rationale/node()" /></description>
9be3b2 
-          	<check system="C-{$overlay_id}_chk">
9be3b2 
-              <check-content>
9be3b2 
-					      <xsl:apply-templates select="xccdf:check[@system='http://scap.nist.gov/schema/ocil/2']"/>
9be3b2 
-              </check-content>
9be3b2 
-          	</check>
9be3b2 
-		  	<ident system="https://public.cyber.mil/stigs/cci"><xsl:value-of select="$overlay_ref" /></ident>
9be3b2 
-          	<fixtext><xsl:copy-of select="xccdf:description/node()" /></fixtext>
9be3b2 
-          </Rule>
9be3b2 
+      <xsl:choose>
9be3b2 
+        <xsl:when test="$overlay_rule='XXXX'">
9be3b2 
+          <Group id="V-{$overlay_id}">
9be3b2 
+            <title>SRG-OS-ID</title>
9be3b2 
+            <description></description>
9be3b2 
+                <Rule id="Missing Rule" severity="{$overlay_severity}" >
9be3b2 
+          <version><xsl:value-of select="$overlay_version"/></version>
9be3b2 
+                <title><xsl:value-of select="$overlay_title"/></title>
9be3b2 
+                <description></description>
9be3b2 
+                <check system="C-{$overlay_id}_chk">
9be3b2 
+                  <check-content>
9be3b2 
+                  </check-content>
9be3b2 
+                </check>
9be3b2 
+                <ident></ident>
9be3b2 
+                <fixtext></fixtext>
9be3b2 
+              </Rule>
9be3b2 
           </Group>
9be3b2 
-        </xsl:if>
9be3b2 
-      </xsl:for-each>
9be3b2 
+        </xsl:when>
9be3b2 
+        <xsl:otherwise>
9be3b2 
+          <xsl:for-each select="$rules">
9be3b2 
+            <xsl:if test="@id=$overlay_rule">
9be3b2 
+          <Group id="V-{$overlay_id}">
9be3b2 
+            <title>SRG-OS-ID</title>
9be3b2 
+            <description></description>
9be3b2 
+                <Rule id="{$overlay_rule}" severity="{$overlay_severity}" >
9be3b2 
+          <version><xsl:value-of select="$overlay_version"/></version>
9be3b2 
+                <title><xsl:value-of select="$overlay_title"/></title>
9be3b2 
+                <description><xsl:copy-of select="xccdf:rationale/node()" /></description>
9be3b2 
+                <check system="C-{$overlay_id}_chk">
9be3b2 
+                  <check-content>
9be3b2 
+                    <xsl:apply-templates select="xccdf:check[@system='http://scap.nist.gov/schema/ocil/2']"/>
9be3b2 
+                  </check-content>
9be3b2 
+                </check>
9be3b2 
+            <ident system="https://public.cyber.mil/stigs/cci"><xsl:value-of select="$overlay_ref" /></ident>
9be3b2 
+                <fixtext><xsl:copy-of select="xccdf:description/node()" /></fixtext>
9be3b2 
+              </Rule>
9be3b2 
+              </Group>
9be3b2 
+            </xsl:if>
9be3b2 
+          </xsl:for-each>
9be3b2 
+        </xsl:otherwise>
9be3b2 
+    </xsl:choose>
9be3b2
9be3b2 
     </xsl:for-each>
9be3b2 
     </xsl:copy>
9be3b2 
diff --git a/shared/transforms/shared_xccdf2table-stig.xslt b/shared/transforms/shared_xccdf2table-stig.xslt
9be3b2 
index 3746c386c0..4c477542f4 100644
9be3b2 
--- a/shared/transforms/shared_xccdf2table-stig.xslt
9be3b2 
+++ b/shared/transforms/shared_xccdf2table-stig.xslt
9be3b2 
@@ -20,6 +20,34 @@
9be3b2
9be3b2
9be3b2
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
+					Total
9be3b2 
+					Missing
9be3b2 
+					Implemented
9be3b2 
+					Coverage
9be3b2 
+					STIG ids missing rule
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule))"/>
9be3b2 
+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id='Missing Rule']))"/>
9be3b2 
+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id!='Missing Rule']))"/>
9be3b2 
+					<xsl:value-of select="format-number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id!='Missing Rule']) div count(/cdf:Benchmark/cdf:Group/cdf:Rule)*100, '#.00')"/>%
9be3b2 
+
9be3b2 
+						<xsl:for-each select="/cdf:Benchmark/cdf:Group/cdf:Rule[@id='Missing Rule']">
9be3b2 
+							<xsl:value-of select="cdf:version/node()"/><xsl:text>
</xsl:text>
9be3b2 
+						</xsl:for-each>
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
+
9be3b2 
 			<xsl:apply-templates select="cdf:Benchmark"/>
9be3b2 
 		</body>
9be3b2 
 		</html>

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation