GRAMMAR_CHECK

The “GRAMMAR_CHECK” audit check examines the contents of a file and matches a loosely defined grammar (made up of one or multiple regex statements). If one line in the target file does not match any of the regex statements, then the test will fail.

Example

<custom_item>

type: GRAMMAR_CHECK

description: "Check /etc/securetty contents are OK."

file: "/etc/securetty"

regex: "console"

regex: "vc/1"

regex: "vc/2"

regex: "vc/3"

regex: "vc/4"

regex: "vc/5"

regex: "vc/6"

regex: "vc/7"

</custom_item>