fix issues

mitre · Aug 29, 2024 · 58d041c · 58d041c
1 parent 2d49b22
commit 58d041c
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 2 deletions.
diff --git a/controls/SV-257787.rb b/controls/SV-257787.rb
@@ -64,7 +64,7 @@
       end
 
       grub_envar = password_set.first.match(/\$\{(?<grub_pw_envar>\w+)\}/).captures.first
-      password_encrypted = file(grub_userfile).content.match(/#{grub_envar}=grub.pbkdf2/)
+      password_encrypted = file(grub_userfile).content.match?(/#{grub_envar}=grub.pbkdf2/)
       it "should be encrypted in the user config file (\'#{grub_userfile}\')" do
         expect(password_encrypted).to eq(true), "GRUB password environment variable not set to an encrypted value in \'#{grub_userfile}\'"
       end

diff --git a/controls/SV-257937.rb b/controls/SV-257937.rb
@@ -64,7 +64,7 @@
     its('zone') { should_not be_empty }
   end
 
-  failing_zones = firewalld.zone.reject { |fz| firewalld.zone(fz).target == 'DROP' }
+  failing_zones = firewalld.zone.select { |fz| firewalld.zone(fz).target == 'DROP' }
 
   describe 'All firewall zones' do
     it 'should be configured to drop all incoming network packets unless explicitly accepted' do

diff --git a/inspec.yml b/inspec.yml
@@ -982,6 +982,9 @@ inputs:
       protocols: []
       services:
         - ssh
+        # TODO: Do we need below?
+        - cockpit
+        - dhcpv6-client
 
   # SV-257991, SV-257990, SV-257989
   - name: approved_openssh_server_conf