def main():
global definitions
global tests
global objects
global states
global variables
if len(sys.argv) < 2:
print ("Provide the name of an XML file, which contains" +
" the definition to test.")
sys.exit(1)
for testfile in sys.argv[1:]:
body = read_ovaldefgroup_file(testfile)
defname = add_oval_elements(body)
ovaltree = ET.fromstring(header + footer)
# append each major element type, if it has subelements
for element in [definitions, tests, objects, states, variables]:
if element.getchildren():
ovaltree.append(element)
# re-map all the element ids from meaningful names to meaningless
# numbers
testtranslator = idtranslate.idtranslator("testids.ini",
"scap-security-guide.testing")
ovaltree = testtranslator.translate(ovaltree)
(ovalfile, fname) = tempfile.mkstemp(prefix=defname, suffix=".xml")
os.write(ovalfile, ET.tostring(ovaltree))
os.close(ovalfile)
print "Evaluating with OVAL tempfile : " + fname
print "Writing results to : " + fname + "-results"
subprocess.call("oscap oval eval --results " + fname
+ "-results " + fname, shell=True)
# perhaps delete tempfile?
definitions = ET.Element("definitions")
tests = ET.Element("tests")
objects = ET.Element("objects")
states = ET.Element("states")
variables = ET.Element("variables")
sys.exit(0)
def main():
global definitions
global tests
global objects
global states
global variables
if len(sys.argv) < 2:
print ("Provide the name of an XML file, which contains" + " the definition to test.")
sys.exit(1)
for testfile in sys.argv[1:]:
body = read_ovaldefgroup_file(testfile)
defname = add_oval_elements(body)
ovaltree = ET.fromstring(header + footer)
# append each major element type, if it has subelements
for element in [definitions, tests, objects, states, variables]:
if element.getchildren():
ovaltree.append(element)
# re-map all the element ids from meaningful names to meaningless
# numbers
testtranslator = idtranslate.idtranslator("testids.ini", "scap-security-guide.testing")
ovaltree = testtranslator.translate(ovaltree)
(ovalfile, fname) = tempfile.mkstemp(prefix=defname, suffix=".xml")
os.write(ovalfile, ET.tostring(ovaltree))
os.close(ovalfile)
print "Evaluating with OVAL tempfile : " + fname
print "Writing results to : " + fname + "-results"
subprocess.call("oscap oval eval --results " + fname + "-results " + fname, shell=True)
# perhaps delete tempfile?
definitions = ET.Element("definitions")
tests = ET.Element("tests")
objects = ET.Element("objects")
states = ET.Element("states")
variables = ET.Element("variables")
sys.exit(0)
def main():
global definitions
global tests
global objects
global states
global variables
global silent_mode
silent_mode = False
silent_mode_options = ['-q', '--quiet', '--silent']
if len(sys.argv) < 2 or len(sys.argv) > 3:
print ("Provide the name of an XML file, which contains" +
" the definition to test.")
usage()
if len(sys.argv) == 3 and sys.argv[1] in silent_mode_options:
if sys.argv[2].rfind('.xml') != -1:
silent_mode = True
sys.argv.pop(1)
else:
usage()
if len(sys.argv) != 2 or sys.argv[1].rfind('.xml') == -1:
usage()
if not len(sys.argv) == 4:
try:
from openscap import oscap_get_version
if oscap_get_version() < 1.2:
schema = 5.10
else:
schema = 5.11
except ImportError:
schema = parse_conf_file(conf_file)
else:
# FUTURE: replace with sys arg
schema = '5.10'
testfile = sys.argv[1]
header = _header(schema)
testfile = find_testfile(testfile)
body = read_ovaldefgroup_file(testfile)
defname = add_oval_elements(body, header)
ovaltree = ET.fromstring(header + footer)
# append each major element type, if it has subelements
for element in [definitions, tests, objects, states, variables]:
if element.getchildren():
ovaltree.append(element)
# re-map all the element ids from meaningful names to meaningless
# numbers
testtranslator = idtranslate.idtranslator("testids.ini",
"scap-security-guide.testing")
ovaltree = testtranslator.translate(ovaltree)
(ovalfile, fname) = tempfile.mkstemp(prefix=defname, suffix=".xml")
os.write(ovalfile, ET.tostring(ovaltree))
os.close(ovalfile)
if not silent_mode:
print ("Evaluating with OVAL tempfile : " + fname)
print ("Writing results to : " + fname + "-results")
cmd = "oscap oval eval --results " + fname + "-results " + fname
oscap_child = subprocess.Popen(cmd, stdout=subprocess.PIPE, shell=True)
cmd_out = oscap_child.communicate()[0]
if not silent_mode:
print cmd_out
if oscap_child.returncode != 0:
if not silent_mode:
print ("Error launching 'oscap' command: \n\t" + cmd)
sys.exit(2)
if 'false' in cmd_out:
# at least one from the evaluated OVAL definitions evaluated to
# 'false' result, exit with '1' to indicate OVAL scan FAIL result
sys.exit(1)
# perhaps delete tempfile?
definitions = ET.Element("definitions")
tests = ET.Element("tests")
objects = ET.Element("objects")
states = ET.Element("states")
variables = ET.Element("variables")
# 'false' keyword wasn't found in oscap's command output
# exit with '0' to indicate OVAL scan TRUE result
sys.exit(0)
def main():
global definitions
global tests
global objects
global states
global variables
global silent_mode
silent_mode = False
silent_mode_options = ['-q', '--quiet', '--silent']
if len(sys.argv) < 2 or len(sys.argv) > 3:
print ("Provide the name of an XML file, which contains" +
" the definition to test.")
usage()
if len(sys.argv) == 3 and sys.argv[1] in silent_mode_options:
if sys.argv[2].rfind('.xml') != -1:
silent_mode = True
sys.argv.pop(1)
else:
usage()
if len(sys.argv) != 2 or sys.argv[1].rfind('.xml') == -1:
usage()
testfile = sys.argv[1]
body = read_ovaldefgroup_file(testfile)
defname = add_oval_elements(body)
ovaltree = ET.fromstring(header + footer)
# append each major element type, if it has subelements
for element in [definitions, tests, objects, states, variables]:
if element.getchildren():
ovaltree.append(element)
# re-map all the element ids from meaningful names to meaningless
# numbers
testtranslator = idtranslate.idtranslator("testids.ini",
"scap-security-guide.testing")
ovaltree = testtranslator.translate(ovaltree)
(ovalfile, fname) = tempfile.mkstemp(prefix=defname, suffix=".xml")
os.write(ovalfile, ET.tostring(ovaltree))
os.close(ovalfile)
if not silent_mode:
print ("Evaluating with OVAL tempfile : " + fname)
print ("Writing results to : " + fname + "-results")
cmd = "oscap oval eval --results " + fname + "-results " + fname
oscap_child = subprocess.Popen(cmd, stdout=subprocess.PIPE, shell=True)
cmd_out = oscap_child.communicate()[0]
if not silent_mode:
print cmd_out
if oscap_child.returncode != 0:
if not silent_mode:
print ("Error launching 'oscap' command: \n\t" + cmd)
sys.exit(2)
if 'false' in cmd_out:
# at least one from the evaluated OVAL definitions evaluated to
# 'false' result, exit with '1' to indicate OVAL scan FAIL result
sys.exit(1)
# perhaps delete tempfile?
definitions = ET.Element("definitions")
tests = ET.Element("tests")
objects = ET.Element("objects")
states = ET.Element("states")
variables = ET.Element("variables")
# 'false' keyword wasn't found in oscap's command output
# exit with '0' to indicate OVAL scan TRUE result
sys.exit(0)