Ivan Suzdal | 184c4e3 | 2018-06-06 13:55:30 +0400 | [diff] [blame] | 1 | from __future__ import absolute_import |
| 2 | import tempfile |
| 3 | import os |
| 4 | from oscap.utils import build_tailoring, normalize_id, run |
| 5 | |
def oscap_has_sce():
    """Report whether the local ``oscap`` binary advertises SCE support.

    Runs ``oscap -V`` and returns True when at least one line of its
    standard output starts with ``'SCE Vers'``, otherwise False.
    """
    # Only stdout is inspected; stderr and the return code are ignored.
    # NOTE(review): if run() hands back bytes rather than text, the str
    # prefix below would raise TypeError on Python 3 -- confirm against
    # oscap.utils.run.
    version_output, _unused_err, _unused_rc = run('oscap -V')
    for line in version_output.splitlines():
        if line.startswith('SCE Vers'):
            return True
    return False
| 9 | |
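def xccdf(benchmark,
          pillar_data=None,
          xccdf_version='1.2',
          profile='default',
          tailoring_id=None):
    """Run ``oscap xccdf eval`` on *benchmark* inside a fresh temp directory.

    When *pillar_data* is given, its ``'profile'`` entry replaces *profile*
    and a tailoring document built from it is written to ``tailoring.xml``
    in the temp directory and passed with ``--tailoring-file``.

    Returns the tuple ``(stdout, stderr, rc, tempdir)``. The temporary
    directory is not removed here; the caller receives its path and is
    responsible for cleaning it up.

    Raises ``Exception`` when *pillar_data* is given without *tailoring_id*.
    """
    use_tailoring = bool(pillar_data)
    tailoring_xml = None
    tailoring_file = None
    profile = normalize_id(profile, xccdf_version=xccdf_version)

    # Everything that can fail on bad input runs before mkdtemp(), so a
    # rejected call no longer leaves an orphaned oscap-* directory behind.
    if use_tailoring:
        if not tailoring_id:
            raise Exception('Tailoring id must be set!')
        profile = normalize_id(pillar_data['profile'], typeof='profile')
        tailoring_xml = build_tailoring(pillar_data, tailoring_id)

    cmd = 'oscap xccdf eval --profile {profile} ' +\
          '--results results.xml --report report.html'
    if oscap_has_sce():
        cmd += ' --sce-results'
    if use_tailoring:
        cmd += ' --tailoring-file {tailoring_file}'
    cmd += ' {benchmark}'

    tempdir = tempfile.mkdtemp(prefix='oscap-')
    if use_tailoring:
        tailoring_file = os.path.join(tempdir, 'tailoring.xml')

    # NOTE(review): profile, tailoring_file and benchmark are interpolated
    # unquoted into one command string. How run() splits or executes that
    # string is not visible here -- confirm that a value containing
    # whitespace or shell metacharacters cannot change the oscap
    # invocation, or switch run() to take an argument list.
    cmd = cmd.format(profile=profile,
                     tailoring_file=tailoring_file,
                     benchmark=benchmark)

    if use_tailoring:
        with open(tailoring_file, 'w') as f:
            f.write(tailoring_xml)

    # tempdir is passed as run()'s second argument; the relative
    # results.xml / report.html paths presumably resolve against it.
    stdout, stderr, rc = run(cmd, tempdir)
    return stdout, stderr, rc, tempdir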
| 44 | |
def oval(benchmark):
    """Run ``oscap oval eval`` on *benchmark* inside a fresh temp directory.

    Returns the tuple ``(stdout, stderr, rc, tempdir)``. The temporary
    directory is not removed here; the caller receives its path.
    """
    workdir = tempfile.mkdtemp(prefix='oscap-')
    # NOTE(review): benchmark is interpolated unquoted into the command
    # string; confirm how run() tokenises it before passing values that
    # may contain whitespace or shell metacharacters.
    template = 'oscap oval eval --results results.xml --report report.html {}'
    command = template.format(benchmark)

    out, err, status = run(command, workdir)
    return out, err, status, workdir