In Control Compliance Suite, after making a copy of a predefined Linux Standard, when running a data collection job you are getting the following error.
The following commands are not whitelisted c=`rpm
More examples.
The following commands are not whitelisted in the Linux section : bname=""""$(basename, fugname=""""$(_>#SuDo#<_, l_fwd_status=""""$(_>#SuDo#<_, l_output="""""""".
Or
bname="$(basename, fugname="$(_>#SuDo#<_, l_fwd_status="$(_>#SuDo#<_, l_output=""
The predefined Standards by default bypass the CommandWhitelist requirements.
After making a copy of a predefined Standard it becomes a custom Standard and any command based checks then need to have all commands listed in the CommandWhitelist.ini file on each CCS Manager doing data collection.
In this case the check '1.7.2 Ensure GDM login banner is configured for RHEL' has the following command.
c=`rpm -q gdm 2>/dev/null`; if [[ ${c} != *"not installed"* ]]; then echo "Pass"; egrep "^user-db:user$|^system-db:gdm$|^file-db:/usr/share/gdm/greeter-dconf-defaults$" /etc/dconf/profile/gdm 2>/dev/null; egrep -rin "banner-message-enable=true|banner-message-text=*" /etc/dconf/db/gdm.d/ 2>/dev/null;else echo "Fail"; fi
As that first part "c=`rpm" are altogether with no space CCS recognizes this as a single command.
Edit the CommandWhitelist.ini file and add in the command "c=`rpm" to the bottom of the [Linux] section of commands. Make sure this is done on each CCS Manager.
Please refer to the following documentation on how to add the command to the CommandWhitelist.ini file.
When exporting the results to a CSV file format if there is a " it will cause the output to contain to many ". Export in a different file format such as XML or xls and the results will be correct.
For example:
bname=""""$(basename, fugname=""""$(_>#SuDo#<_, l_fwd_status=""""$(_>#SuDo#<_, l_output=""""""""
should be output as:
bname="$(basename, fugname="$(_>#SuDo#<_, l_fwd_status="$(_>#SuDo#<_, l_output=""
Each command should be added to the CommandWhitelist.ini file, such as.
grubby
modprobe
which
bname="$(basename
fugname="$(_>#SuDo#<_
l_fwd_status="$(_>#SuDo#<_
l_output=""
UID_MIN=$(_>#SuDo#<_
basename
chage