6 Replies Latest reply on Feb 28, 2011 10:00 AM by Gerardo Bartoccini

    Compliance against config files with multiple entries

    Gerardo Bartoccini

      I need to run compliance against resolv.conf file.

       

      This should be a relatively common task, however I have problems as the "nameserver" entry is multiple in the file.

       

      So I have created a config file for resolv.conf and a simple rule where:

       

      Configuration file entry /etc/resolv.conf//nameserver must exist and Value 1 as String equals "1.2.3.4"

       

      Now, I have tested this against a server where resolv.conf is as follows:

       

      nameserver 1.2.3.4

      nameserver 4.3.2.1

       

      and it worked fine.

      Then I have tested this against a server where resolv.conf is as follows:

       

      nameserver 4.3.2.1

       

      nameserver 1.2.3.4

       

      and the server is reported as NON-COMPLIANT.

       

      How to deal with multiple entries as above? I can check the file via a custom script and create a rule on this but I would be surprised there is no built-in solution.

      Should I use a for loop instead?

       

      Thanks

       

      PS: I tried an audit job but entries order matters, so it failed again.