GRAMMAR_CHECK
The “GRAMMAR_CHECK” audit check examines the contents of a file and matches a loosely defined grammar (made up of one or multiple regex statements). If one line in the target file does not match any of the regex statements, then the test will fail.
Tip: For information about the parameters commonly found in Unix custom items, see Unix Configuration Keywords.
Example
<custom_item>
type: GRAMMAR_CHECK
description: "Check /etc/securetty contents are OK."
file: "/etc/securetty"
regex: "console"
regex: "vc/1"
regex: "vc/2"
regex: "vc/3"
regex: "vc/4"
regex: "vc/5"
regex: "vc/6"
regex: "vc/7"
</custom_item>