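"""Shared constants for SCAP content generation.

Holds XML namespaces, XCCDF/OVAL header and footer fragments, remediation
("fix") system URNs, reference URIs and OpenSCAP identifier prefixes.
Every value is computed once, when the module is imported.
"""

import datetime
import os.path

# <parent of this file's directory>/shared/macros.jinja
JINJA_MACROS_DEFINITIONS = os.path.join(os.path.dirname(os.path.dirname(
    __file__)), "shared", "macros.jinja")

xml_version = """<?xml version="1.0" encoding="UTF-8"?>"""

# XML namespace names are opaque identifiers matched character-for-character
# by XML tooling. The "http://" scheme is part of the name; rewriting it to
# "https://" would produce a different namespace and break schema matching.
datastream_namespace = "http://scap.nist.gov/schema/scap/source/1.2"
ocil_namespace = "http://scap.nist.gov/schema/ocil/2.0"
oval_footer = "</oval_definitions>"
oval_namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5"
# NOTE(review): ends in "/2", not "/2.0" like ocil_namespace. Presumably the
# OCIL check-system identifier rather than a namespace; confirm with callers.
ocil_cs = "http://scap.nist.gov/schema/ocil/2"
xccdf_header = xml_version + "<xccdf>"
xccdf_footer = "</xccdf>"

# Identifiers for the remediation ("fix") script systems.
bash_system = "urn:xccdf:fix:script:sh"
ansible_system = "urn:xccdf:fix:script:ansible"
puppet_system = "urn:xccdf:fix:script:puppet"
anaconda_system = "urn:redhat:anaconda:pre"

# Reference URIs for external catalogues (CCE, DISA STIG/CCI/SRG).
# NOTE(review): three of these are plain http. That is harmless if they are
# only emitted as reference identifiers; confirm that nothing in the build
# or in consumers fetches them.
cce_uri = "https://nvd.nist.gov/cce/index.cfm"
stig_ns = "http://iase.disa.mil/stigs/Pages/stig-viewing-guidance.aspx"
disa_cciuri = "http://iase.disa.mil/stigs/cci/Pages/index.aspx"
disa_srguri = "http://iase.disa.mil/stigs/srgs/Pages/index.aspx"
ssg_version_uri = \
    "https://github.com/OpenSCAP/scap-security-guide/releases/latest"

# OpenSCAP identifier prefixes, all derived from the vendor string.
OSCAP_VENDOR = "org.ssgproject"
OSCAP_DS_STRING = "xccdf_%s.content_benchmark_" % OSCAP_VENDOR
OSCAP_GROUP = "xccdf_%s.content_group_" % OSCAP_VENDOR
OSCAP_GROUP_PCIDSS = "xccdf_%s.content_group_pcidss-req" % OSCAP_VENDOR
OSCAP_GROUP_VAL = "xccdf_%s.content_group_values" % OSCAP_VENDOR
OSCAP_GROUP_NON_PCI = "xccdf_%s.content_group_non-pci-dss" % OSCAP_VENDOR
XCCDF11_NS = "http://checklists.nist.gov/xccdf/1.1"
XCCDF12_NS = "http://checklists.nist.gov/xccdf/1.2"

# Stored as a string; whatever enforces the minimum has to compare it as a
# version, not lexicographically ("2.10" sorts before "2.3" as text).
min_ansible_version = "2.3"
ansible_version_requirement_pre_task_name = \
    "Verify Ansible meets SCAP-Security-Guide version requirements."

# Opening <oval_definitions> tag. The only value substituted is the
# module-level oval_namespace constant, so no external input reaches the
# markup. Whitespace inside the literal is emitted verbatim.
oval_header = (
    """
<oval_definitions
xmlns="{0}"
xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
xmlns:ind="{0}#independent"
xmlns:unix="{0}#unix"
xmlns:linux="{0}#linux"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd
{0} oval-definitions-schema.xsd
{0}#independent independent-definitions-schema.xsd
{0}#unix unix-definitions-schema.xsd
{0}#linux linux-definitions-schema.xsd">"""
    .format(oval_namespace))

# Evaluated once at import: naive UTC, second resolution, no zone suffix.
# Any artifact embedding this value differs from build to build, which
# matters when outputs are compared or verified by hash.
# NOTE(review): datetime.utcnow() is deprecated as of Python 3.12. It is kept
# because the file's style suggests older interpreters are still supported.
timestamp = datetime.datetime.utcnow().strftime("%Y-%m-%dT%H:%M:%S")

# Package manager name -> package database ("system") it operates on.
PKG_MANAGER_TO_SYSTEM = {
    "yum": "rpm",
    "zypper": "rpm",
    "dnf": "rpm",
    "apt_get": "dpkg",
}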