3 Replies Latest reply on Sep 1, 2016 7:11 PM by Bill Robinson

    Incomplete compliance rule.

    Charles Berman

      I am working on a rule to check the content and existence of our banners (for login). The rule as written will catch our various iterations but it is incomplete. When the herald keyword does not exist the rule just says it is compliant. I need it to become marked as non-compliant.

       

      This is an AIX UNIX system

       

      Please look at the enclosed and provide a solution. I just don't know enough on how to mark it as a fail.

       

      if

         "Configuration File Entry:/etc/security/login.cfg//default/herald" exists

      then

         "Configuration File Entry:/etc/security/login.cfg//default/herald"."Value1 as String (All OS)" = (ignore extra white spaces) """\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\r+++++\r\nWARNING - Use ......\r\n+++++\r\nlogin: """  OR

         "Configuration File Entry:/etc/security/login.cfg//default/herald"."Value1 as String (All OS)" contains "\r+++++\r\nWARNING"  OR

         "Configuration File Entry:/etc/security/login.cfg//default/herald"."Value1 as String (All OS)" = """ WARNING - USE OF THIS TO DO SO\n CAN LEAD TO PENALTIES UP TO AND INCLUDING TERMINATION OF\n EMPLOYMENT.....\n\n login: """

      else

         "Configuration File Entry:/etc/security/login.cfg//default/herald" does not exist

      end

       

      Thank you

        • 1. Re: Incomplete compliance rule.
          Bill Robinson

          //default/exist AND ( other conditions )

          ?

          • 2. Re: Incomplete compliance rule.
            Charles Berman

            So you are saying you don't know how to do this?

             

            This is the option I get from the selection pull down

             

            "Configuration File Entry:/etc/security/login.cfg//default/herald"

            and then I was able to select

            "does not exist"

             

               "Configuration File Entry:/etc/security/login.cfg//default/herald" does not exist ????(what do I add to have it return as non-compliant?)

             

            I don't understand what you are suggesting I do. It is the "other conditions" that I suppose I was asking you for help with.

            Is this where a "Not" would be used?

             

            NOT ( "Configuration File Entry:/etc/security/login.cfg//default/herald" does not exist )

            • 3. Re: Incomplete compliance rule.
              Bill Robinson

              "Configuration File Entry:/etc/security/login.cfg//default/herald" exists AND ( other conditions )

               

              No if. You want the entry to exist and you want to check the other conditions, right?

               

              "When the herald keyword does not exist the rule just says it is compliant. I need it to become marked as non-compliant."

              I read that to mean that if the 'herald' keyword does not exist then the rule should fail. So that would mean that the config file entry must exist AND the other conditions must be met.
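
The difference between the two rule shapes discussed in this thread, modelled in Python as an added example (it is not BladeLogic rule syntax and not code from either poster). The `login.cfg` samples are constructed, all function names are hypothetical, and `banner_ok` stands in for the "other conditions" using only the rule's `contains` clause, matched against the literal text stored in the file.

```python
# Constructed /etc/security/login.cfg samples (not taken from the thread).
WITH_BANNER = r'''default:
    sak_enabled = false
    herald = "\r+++++\r\nWARNING - authorized use only\r\n+++++\r\nlogin: "
'''
NO_HERALD = r'''default:
    sak_enabled = false
'''
WRONG_BANNER = r'''default:
    herald = "Welcome\nlogin: "
'''

def stanza_attr(text, stanza, attr):
    """Return attr's value inside stanza, or None when the attribute is absent."""
    current = None
    for line in text.splitlines():
        s = line.strip()
        if not s or s.startswith("*"):        # '*' starts a comment line
            continue
        if s.endswith(":") and "=" not in s:  # stanza header such as "default:"
            current = s[:-1]
        elif current == stanza and "=" in s:
            key, _, value = s.partition("=")
            if key.strip() == attr:
                return value.strip().strip('"')
    return None

def banner_ok(value):
    # Assumption: stand-in for the "other conditions" (the rule's 'contains' clause).
    return r"\r+++++\r\nWARNING" in value

def rule_if_else(value):
    """Original shape: if exists then <conditions> else 'does not exist'."""
    if value is not None:
        return banner_ok(value)
    return value is None   # the else branch is always true when it is reached

def rule_and(value):
    """Suggested shape: exists AND ( other conditions )."""
    return value is not None and banner_ok(value)

if __name__ == "__main__":
    for name, cfg in [("with banner", WITH_BANNER), ("no herald", NO_HERALD),
                      ("wrong banner", WRONG_BANNER)]:
        v = stanza_attr(cfg, "default", "herald")
        print(f"{name:13} if/else={rule_if_else(v)!s:5} and={rule_and(v)}")
```

Only the missing-herald case separates the two shapes: the if/else form reports it compliant because its else branch restates the condition that selected it, while the AND form reports it non-compliant.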