order: 200 adjust: - enabled: false when: arch != x86_64 continue: false - enabled: false when: distro < rhel-8 continue: false - enabled: false when: distro == fedora continue: false component: - scap-security-guide - audit contact: - Matus Marhefka description: | Verifies that SSG rules configuring audit from the OSPP profile (rules which use template audit_file_contents) correspond to sample audit rules for OSPP under /usr/share/audit/sample-rules from the audit package. List of the SSG rules checked by the test: audit_basic_configuration audit_perm_change_success audit_delete_failed audit_access_success audit_owner_change_failed audit_owner_change_success audit_modify_failed audit_create_success audit_module_load audit_delete_success audit_ospp_general audit_perm_change_failed audit_create_failed audit_access_failed audit_modify_success If this test fails please contact RHEL Security Compliance team on "openscap / cac (compliance as code)" gchat, or mailing list , or on internal IRC (#openscap). duration: 4h enabled: true extra-nitrate: TC#0613954 extra-summary: /CoreOS/scap-security-guide/Sanity/audit-sample-rules extra-task: /CoreOS/scap-security-guide/Sanity/audit-sample-rules framework: beakerlib recommend: - scap-security-guide - audit - libxml2 summary: Verify SSG rules configuring audit from OSPP are aligned with the audit package. tag: - NoFedora - daily - NoStabilization - NoProductization test: ./runtest.sh name: /Sanity/audit-sample-rules link: [] id: tier: path: /Sanity/audit-sample-rules manual: false tty: false require: [] environment: {} result: respect where: check: [] restart-on-exit-code: [] restart-max-count: 1 restart-with-reboot: false sources: - /var/tmp/tmt/run-017/Plans/general/discover/Downstream_scap-security-guide_tests/tests/Sanity/main.fmf - /var/tmp/tmt/run-017/Plans/general/discover/Downstream_scap-security-guide_tests/tests/Sanity/audit-sample-rules/main.fmf context: {}