wushiqinlou
wushiqinlou
If installed-rpms file from sosreport does not contain epoch, parser would set the “epoch” as “0” by default. However, “epoch” is 1 from the current back-code. Then comparison will return...
On RHEL9, the content format of "/etc/crypto-policies/back-ends/opensshserver.config" is different from this file on RHEL6/7/8, which will cause parser failure and rule false positive. It is necessary to update the parser...
### All Pull Requests: Check all that apply: * [ ] Have you followed the guidelines in our Contributing document, including the instructions about commit messages? * [ ] Is...
The `ssl.conf` file contains this line: ~~~ SSLCertificateKeyFile /etc/pki/tls/private/linux.dts.star.oakland.edu.key.pem.withoutpassword ~~~ Redaction adds `********` under the line, which breaks the file format and leads the parser failure. ~~~ SSLCertificateKeyFile /etc/pki/tls/private/linux.dts.star.oakland.edu.key.pem.withoutpassword ********...
The httpd parser can not parse the files under `/etc/httpd/modsecurity.d/activated_rules`. As such files do not affect the Advisor rule's logic, per team discussion, we decided to ignore `include` inside expanded...
Before RHEL8, the format of rsyslog.conf is like: ~~~ $IncludeConfig /etc/rsyslog.d/*.conf $ModLoad imtcp ~~~ However, it changes like following in RHEL8: ~~~ include(file="/etc/rsyslog.d/*.conf" mode="optional") module(load="imuxsock" SysSock.Use="off") ~~~ We also need...